Can't bind to port 80

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
iot.mrrcomputers.cc
I ran this command:
certbot certonly --standalone
It produced this output:
Saving debug log to C:\Certbot\log\letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel): iot.mrrcomputers.cc
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for iot.mrrcomputers.cc
Cleaning up challenges
←[31mProblem binding to port 80: Could not bind to IPv4 or IPv6.←[0m
My web server is (include version):
104.217.252.146
The operating system my web server runs on is (include version):
Windows 2012
My hosting provider, if applicable, is:
this is a VPS server

I can login to a root shell on my machine (yes or no, or I don't know):
I connect usng RDP
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Certbot 1.9.0

The website is defined in my IIS and is operational at http://iot.mrrcomputers.ccc

2 Likes

Welcome to the Let's Encrypt Community :slightly_smiling_face:

You need a publicly-registered domain name in order to acquire a Let's Encrypt certificate. IP certificates are coming soon though...

Sorry, saw the .ccc:


In order to use standalone, you need to stop your webserver first. Consider using webroot instead.


2 Likes

That may be a TYPO.
Try:
http://iot.mrrcomputers.cc/

2 Likes

Since i stopped the webserver then obviously the port isnt available??

1 Like

If i add the http;// i get error try without the http:// :slight_smile:

1 Like

The error:

was that certbot was trying to use port 80 (HTTP) while IIS was already using it.
If you stop IIS, then certbot will be able to use it and not complain.

1 Like

IIS is stopped stil get the following

2 Likes

Turn IIS back on and let's check HTTP access to your site.

2 Likes

http://iot.mrrcomputers.cc working fine

2 Likes

p.s. In the past used to use "LetEncrypt.exe" to create my other certificates for this Server :slight_smile:

2 Likes

Confirmed:

curl -Iki http://iot.mrrcomputers.cc/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.2.7
X-Powered-By: ASP.NET
Date: Thu, 15 Oct 2020 03:19:19 GMT

IIS is reachable via port 80 (HTTP)

hmm...

Perhaps the local firewall only allows IIS to use port 80?

1 Like

no i have other https sites running on this server

for example https://www.mrrcomputers.cc

1 Like

HTTPS is port 443 and that probably runs under IIS also.

We did make some progress the "can't bind to port 80" error was removed when IIS was stopped.
But the --standalone still failed...

1 Like

it did mention a AAAA record in dns .. never heard of that one ?

1 Like

AAAA is IPv6
But that is not the case with your name.

I think you might have some sort of IPS / GeoLocation blocking / or IP blocklist in place that is preventing the LE challenge requests from reaching your site.

1 Like

sorry totally lost me on the terminology :wink:

1 Like

I see now that you misunderstood me...
Let me rephrase that with:
Perhaps the local firewall only permits IIS to use port 80 [and doesn't allow certbot to use port 80].

As for the other terminology...
Do you have any firewall settings that would block entire countries? or use an IP blacklist to block IPs?

1 Like

not blocking that I know of ..as i said i;ve used (and renewed) using LetEncrypt.exe for the last few years .. when I couldn't create cert with it i then downloaded Cerbot)

I have no other explanation for the failure.
Are you familiar with DNS authentication?

you mean DNS management??