My cert renewal succeeds wth the --dry-run option
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
However when I run the renewal script command: sudo ./letsencrypt-auto renew
…it fails, producing this output:
Attempting to renew cert from /etc/letsencrypt/renewal/<my-domain.com>.conf produced an unexpected error: Failed authorization procedure. […] :acme:error:connection :: The server could not connect to the client to verify the domain :: […]
An apparent timeout error…
I have verified that the LetsEncrypt IP (22.214.171.124) is whitelisted for TCP (port 80)/HTTP requests to my server, which is not publicly web accessible. Do I need to whitelist some additional IP(s)…?
My web server is: Apache 2.4; I believe it is properly configured; the operating system my web server runs on is RedHat Linux 7. And I am able to run the script as root. Any help would be greatly appreciated!