Cannot get a Certificate

Does it "work with Let's Encrypt"?
Is it known to work?
I think it may be part of the problem.

1 Like

It's back on
Firewall is active and enabled on system startup

Yeah, it worked on my old server.

The DDoS system is the only thing shown, thus far, to be able to create this type of issue.

1 Like

You could try using another CA.

2 Likes

After waiting 5 minutes with no requests I again get the same "reset" failure followed by the correct reply. We have seen this before but don't have a good explanation of why.

It is as if each new requester IP gets sent a reset but is then allowed to make requests.

They may need to use the DNS Challenge if they can't find the reason for this failing. It has nothing to do with Let's Encrypt. I get this error requesting the "home" page:

curl -i http://panel.keksssmp.de
curl: (56) Recv failure: Connection reset by peer

curl -i http://panel.keksssmp.de
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 19 Aug 2024 12:56:23 GMT

2 Likes

It's "rejecting" each initial request and waiting to allow the retry.
But LE doesn't retry after the connection reset.

Again:

2 Likes
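A small probe for the pattern described in the posts above (first connection reset, retry answered), as an added example that is not part of the original thread. The function names and the local demo server are constructed for illustration; the demo server only imitates the reset-then-allow behaviour so the script runs offline.

```python
import socket
import struct
import threading
import time

def probe(host, port=80, path="/", attempts=2, pause=0.2, timeout=3.0):
    """Open `attempts` fresh TCP connections; return one outcome string per attempt."""
    request = f"GET {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode()
    outcomes = []
    for _ in range(attempts):
        try:
            with socket.create_connection((host, port), timeout=timeout) as s:
                s.sendall(request)
                data = s.recv(4096)
            outcomes.append(data.split(b"\r\n", 1)[0].decode(errors="replace") or "closed")
        except (ConnectionResetError, BrokenPipeError):
            outcomes.append("reset")  # the thread's curl run showed this as error 56
        except OSError as exc:
            outcomes.append(f"error: {type(exc).__name__}")
        time.sleep(pause)
    return outcomes

def classify(outcomes):
    """Name the pattern: a client that connects only once sees just outcomes[0]."""
    if outcomes and outcomes[0] == "reset" and any(o.startswith("HTTP/") for o in outcomes[1:]):
        return "first-connection-reset"
    if outcomes and all(o.startswith("HTTP/") for o in outcomes):
        return "ok"
    return "failing"

def start_demo_server():
    """Constructed stand-in: RST the first connection (SO_LINGER 0), answer the rest."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        first = True
        while True:
            conn, _ = srv.accept()
            if first:
                first = False
                conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
            else:
                conn.recv(4096)
                conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\nConnection: close\r\n\r\n")
            conn.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    print(classify(probe("127.0.0.1", start_demo_server())))
```

Against a real host, run `probe()` from a source address that has not contacted the server recently; an address that has already been let through will report `ok` and hide the problem.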

Yes, I asked that; they responded with this:
"no - the VMs are delivered with a blank cloud template from the jw. distro vendor and we do no guest OS scanning etc. Network traffic is only checked inline for DDoS attack patterns"
"There is no layer7 protection, so nothing is filtered at HTTP"

That's still an option.

2 Likes

Try this:
certbot certonly --webroot -w /var/www/pterodactyl/public \
-d panel.keksssmp.de --dry-run \
--server https://api.buypass.com/acme/directory

1 Like

I will try it.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
An unexpected error occurred:
The request message was malformed :: Email is a required contact :: Bad Request
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

add:
--email {your.email.address}

Sorry, also: remove:
--dry-run
[that won't work with buypass]

1 Like

How do I do that? :sweat_smile:

certbot certonly --webroot -w /var/www/pterodactyl/public \
-d panel.keksssmp.de \
--server https://api.buypass.com/acme/directory \
--email replace.with.your.email.address

3 Likes

root@vserver-21005:~# certbot certonly --webroot -w /var/www/pterodactyl/public -d panel.keksssmp.de --email myemail@gmail.com --server https://api.buypass.com/acme/directory 
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for panel.keksssmp.de

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/panel.keksssmp.de/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/panel.keksssmp.de/privkey.pem
This certificate expires on 2025-02-14.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
root@vserver-21005:~# 

1 Like

I think that worked.

1 Like

Yes, there is a new cert at:

2 Likes

Nice, but my panel won't open. Do I need to reinstall my panel?

No, you need to have it use the new cert.

3 Likes