Certificate expired

Hello, my certificate expired a few weeks ago and I was not able to renew it.
I have deleted it and tried to restart from new.
The previous certificate was created following the tutorial below and it worked:
owncloud ssl tutorial

My e-mail is still registered

root@debian:/etc/letsencrypt# sudo certbot register --agree-tos --email miazza@tiscali.it
Saving debug log to /var/log/letsencrypt/letsencrypt.log
There is an existing account; registration of a duplicate account with this command is currently unsupported.

When I try to create the new certificate with the my-domain-name.sh script, it no longer works and I get the following error:

An unexpected error occurred:
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x75914f88>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))

My DNS is well resolved.

I tried a few times, always with the same result.
Considering that the same sh script was working well a few months ago, I prefer not to change it :wink:

Does anyone have any suggestion to solve the situation?

contradicts:

Please show:
nslookup acme-v02.api.letsencrypt.org


DNS records for miazza.no-ip.biz

93.66.91.23

For acme-v02.api.letsencrypt.org
IPv4 address 172.65.32.248

Maybe it really was temporary.
Have you tried it again?


Yes...

root@debian:/etc/letsencrypt# ./miazza.no-ip.biz.sh
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer None
An unexpected error occurred:
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x759a6f70>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))
Please see the logfiles in /var/log/letsencrypt for more details.

Was that lookup done on the server?


What do you mean?

I have looked for acme-v02.api.letsencrypt.org inside the server with this link:
DNS Lookup

Tried again right now and things are now different:

root@debian:/etc/letsencrypt# ./miazza.no-ip.biz.sh
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer None
Requesting a certificate for miazza.no-ip.biz
Performing the following challenges:
http-01 challenge for miazza.no-ip.biz
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

Unable to restart apache using ['apache2ctl', 'graceful']
Cleaning up challenges
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.


Unable to restart apache using ['apache2ctl', 'graceful']
Encountered exception during recovery: certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
Running post-hook command: service apache2 reload
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

The temporary issue is now solved, but now I have a problem with Apache2, which does not start anymore...

Who wrote that script?
What does it do?

That likely means Apache (or some other web server) is already running
[the script didn't shutdown/restart Apache properly]


I mean for you to do this on the server (cli prompt - not via some external website):
nslookup acme-v02.api.letsencrypt.org


Hello, after summer vacation I'm here again to fix the issue.
Now:

root@debian:/etc/letsencrypt# nslookup acme-v02.api.letsencrypt.org
Server:         192.168.1.1
Address:        192.168.1.1#53

Non-authoritative answer:
acme-v02.api.letsencrypt.org    canonical name = prod.api.letsencrypt.org.
prod.api.letsencrypt.org        canonical name = ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com.
Name:   ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com
Address: 172.65.32.248
Name:   ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com
Address: 2606:4700:60:0:f53d:5624:85c7:3a2c

and when I try to create the certificate I get now this error:

root@debian:/etc/letsencrypt# ./miazza.no-ip.biz.sh
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer None
Requesting a certificate for miazza.no-ip.biz
Performing the following challenges:
http-01 challenge for miazza.no-ip.biz
Waiting for verification...
Challenge failed for domain miazza.no-ip.biz
http-01 challenge for miazza.no-ip.biz
Cleaning up challenges
Running post-hook command: service apache2 reload
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: miazza.no-ip.biz
   Type:   connection
   Detail: 188.216.77.234: Fetching
   http://miazza.no-ip.biz/.well-known/acme-challenge/SNd1NeMGDb_8lMaWQmLUEh_qGzBkpRohH0qbNUuHaIc:
   Timeout during connect (likely firewall problem)

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

I do not have any firewall on my router.
Any suggestion?

Something is preventing access to your server. Even a request for your "home" page using HTTP fails.

curl -I -m10 http://miazza.no-ip.biz
curl: (28) Connection timed out after 10001 milliseconds

But requests using HTTPS:// connect successfully (although you send a faulty cert, so they show a different error). It looks like your port 80 (http) is blocked. It needs to be open for the http challenge.


Ok, this might be the issue then. I have nginx on port 80 (openmediavault setting) while apache2 is on port 8089.

Is there a way to kill nginx just for the time of the cert creation?

Let's Encrypt requires you to respond on port 80 for the http challenge. You can redirect those to port 80 or port 443 but no other ports.

Do you plan to access Apache using https://(domain):8089 ?

Also, I don't see that nginx responds to port 80 either. Nothing responds.

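The three failures seen in this thread (the server itself not resolving the ACME endpoint, something else already bound to port 80, and port 80 unreachable from outside so the http-01 challenge times out) can be checked from the server's shell before running certbot again. The script below is an added example, not the poster's `miazza.no-ip.biz.sh` or anything from certbot; it assumes `getent`, `ss` and `curl` are installed, and the probe path `preflight-probe` is a constructed token that should answer 404, not a real challenge.

```shell
#!/bin/sh
# Pre-flight checks for an http-01 renewal, mirroring the diagnosis in the thread.
# ACME_HOST is the production endpoint from the certbot error; DOMAIN is passed as $1.
ACME_HOST="acme-v02.api.letsencrypt.org"

# Classify a certbot/apache failure message into one of the three root causes
# discussed above. Prints: dns, port_conflict, unreachable, or unknown.
classify_certbot_error() {
    case "$1" in
        *"Temporary failure in name resolution"*) echo dns ;;
        *"Address already in use"*)               echo port_conflict ;;
        *"Timeout during connect"*)               echo unreachable ;;
        *)                                        echo unknown ;;
    esac
}

# Check 1: can THIS host resolve the ACME endpoint? (run on the server,
# not via an external lookup website, which proves nothing about the server)
check_dns() { getent hosts "$ACME_HOST" >/dev/null 2>&1; }

# Check 2: which process owns port 80 locally? Empty output means nothing listens.
show_port80_owner() { ss -ltnp 'sport = :80' 2>/dev/null | tail -n +2; }

# Check 3: does the challenge path answer over plain HTTP? curl prints the
# HTTP status; 000 means no connection at all (blocked/unforwarded port 80).
# A 404 is fine here: it proves the web server on port 80 is reachable.
check_http01_path() {
    curl -s -o /dev/null -m 10 -w '%{http_code}' \
        "http://$1/.well-known/acme-challenge/preflight-probe"
}

preflight() {
    domain="$1"
    if check_dns; then echo "dns: ok"; else echo "dns: cannot resolve $ACME_HOST"; fi
    echo "port 80 listeners:"
    show_port80_owner
    code=$(check_http01_path "$domain")
    case "$code" in
        000) echo "http-01: no connection to port 80 (firewall/NAT/port forward?)" ;;
        *)   echo "http-01: path answered with HTTP $code" ;;
    esac
}

# Usage: sh preflight.sh example.com  (constructed name; substitute your own)
if [ -n "${1:-}" ]; then preflight "$1"; fi
```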

There is another issue first:
[nothing is answering on port 80]


Shouldn't that be an HTTP port?


I was wondering about the final outcome. If they want to use Apache with https but it only is setup to listen on 8089 then it seems they need to use this format? Yes? I was making sure that was their plan.


OR
a better (re)design


Agree. I started with that question to focus the dialog.


Understood, but we're not in an engineering/design forum - LOL


Yes. I have:

  • owncloud answering at http://(domain):8089 and https://(domain):443 (for this I need the certificate).
  • OMV answering http://(domain):80 (nginx)