Certbot failed to authenticate some domains (authenticator: webroot). Connection refused

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: wallet.telecelplay.io

I ran this command: docker-compose run --rm --entrypoint "
certbot certonly --webroot -w /var/www/certbot
--register-unsafely-without-email
-d wallet.telecelplay.io
--rsa-key-size 4096
--agree-tos
--force-renewal -v" certbot

It produced this output: Creating dummy certificate for wallet.telecelplay.io ...

Creating env-prod_certbot_run ... done

Generating a RSA private key

.......++++

......................................................................................................................................................................................................................++++

writing new private key to '/etc/letsencrypt/live/wallet.telecelplay.io/privkey.pem'

Starting nginx ...

Recreating nginx ... done

Deleting dummy certificate for wallet.telecelplay.io ...

Creating env-prod_certbot_run ... done

Requesting Let's Encrypt certificate for wallet.telecelplay.io ...

Creating env-prod_certbot_run ... done

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator webroot, Installer None

Requesting a certificate for wallet.telecelplay.io

Performing the following challenges:

http-01 challenge for wallet.telecelplay.io

Using the webroot path /var/www/certbot for all unmatched domains.

Waiting for verification...

Challenge failed for domain wallet.telecelplay.io

http-01 challenge for wallet.telecelplay.io

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:

Domain: wallet.telecelplay.io

Type: connection

Detail: 51.158.67.92: Fetching http://wallet.telecelplay.io/.well-known/acme-challenge/JyIyAQvyx_IE6PkNq_IziIYfY4iSYYEpXzMk1Bsp0eQ: Connection refused

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Cleaning up challenges

Some challenges have failed.

Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

ERROR: 1

Reloading nginx ...

Error response from daemon: Container f03d8084e9232d6ba3103b6ec834e16a7c2f8a3620abff5083efee765aedffad is restarting, wait until the container is running

My web server is (include version): nginx:1.15.12

The operating system my web server runs on is (include version):linux

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.29.0

2

Hi @Avi21, and welcome to the LE community forum :slight_smile:

Please remove this from your test (and never use it again):

Furthermore, tell whoever gave you those instructions to remove it from any such instructions.

You will need a working HTTP site before you can use HTTP authentication to obtain a certificate.

4 Likes
3

Thanks a lot @rg305 :pray:.

2 Likes
4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.