Can't connect to Let's Encrypt server


#21

Are the different servers connecting to the same Akamai IP addresses?

Maybe some of them use IPv6?


#22

One simple test may be to just run:

curl --resolve acme-v01.api.letsencrypt.org:443:104.122.249.164 https://acme-v01.api.letsencrypt.org/directory

on all of your servers, and see which ones fail.

If your NOC can also run that from their routers, that would be good too.

(The IP address is the “bad” one from earlier in the thread)


#23

Same Akamai IP address, no IPv6, same subnet.

Most of our servers are Windows servers though, and Certify the Web works fine with those. Only a few with CentOS (and CWP).


#24

Hi,

Do you mind to check the MTU size on those affected Centos server?
ifconfig| grep MTU
A user reported a similar issue earlier that was resolved by changing the MTU value…

Thank you


#25

MTU values were identical: eth0 flags 4163, mtu 1500, lo flags 73, mtu 65536


#26

Okay… Then this might not be the issue…

Do you mind to also perform a traceroute to acme-v01.api.letsencrypt.org?

If possible, please try to perform the same command on a normal machine (in the same subnet)…

(This is the last thing i know to diagnose those issues…)

Thank you


#27

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.