Certbot failing after new WAN IP and now I am blocked?

I noticed my certificates were not updating anymore.
Now I hit certbot --renew a few too many times when trying to fix things and then I got this message:

Attempting to renew cert (autimotion.nl-0001) from /etc/letsencrypt/renewal/autimotion.nl-0001.conf produced an unexpected error: HTTPSConnectionPool(host='acme-staging-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f4522301c88>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution',)). Skipping.

It seems my IP is blocked.
Also curl -I https://acme-v02.api.letsencrypt.org/directory times out now.

And then I just remembered, my ISP changed and so did my IP.
Could that have something to do with this?

My domain is:
autimotion.nl

I ran this command:
sudo certbot renew

It produced this output:
Attempting to renew cert (remotesupport.autimotion.nl) from /etc/letsencrypt/renewal/remotesupport.autimotion.nl.conf produced an unexpected error: HTTPSConnectionPool(host='acme-staging-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f4d886227b8>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution',)). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/autimotion.nl-0001/fullchain.pem (failure)
/etc/letsencrypt/live/autimotion.nl-0002/fullchain.pem (failure)
/etc/letsencrypt/live/autimotion.nl/fullchain.pem (failure)
/etc/letsencrypt/live/openproject.autimotion.nl/fullchain.pem (failure)
/etc/letsencrypt/live/remotesupport.autimotion.nl/fullchain.pem (failure)

My web server is (include version):
nginx/1.21.4

The operating system my web server runs on is (include version):
Ubuntu 18.04.6 LTS

I can login to a root shell on my machine (yes):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.31.0

This means that the machine you are running Certbot on does not have functioning DNS resolution.

What's the output of:

sudo systemd-resolve --status
sudo cat /etc/resolv.conf
2 Likes

Yes, just found that out myself.
Seems like something went wrong when putting a backup of the server/container back.
Now the DNS issue is solved, but I still get an error:

Attempting to renew cert (autimotion.nl-0001) from /etc/letsencrypt/renewal/autimotion.nl-0001.conf produced an unexpected error: Failed authorization procedure. uren.grip-enterprise.nl (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://uren.grip-enterprise.nl/.well-known/acme-challenge/Q1PB1iVbozcb-P-Vses6O_sap6XdqzIiDTu3hGtRe3Q: Timeout during connect (likely firewall problem), remotesupport.plantmatiq.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://remotesupport.plantmatiq.com/.well-known/acme-challenge/69hKdUsjF0FZiQOEg5IaSJVTD2z3So3BGbSGJghz6Ow: Timeout during connect (likely firewall problem), helpme.plantmatiq.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://helpme.plantmatiq.com/.well-known/acme-challenge/bLAQsKabYDWxra9or4YpiVyoEtKirCYvgb_tM7FlX-Q: Timeout during connect (likely firewall problem), uren.plantmatiq.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://uren.plantmatiq.com/.well-known/acme-challenge/04wtJvcvSZ-8-IdoSgG3gmE758vHwajTqDf09C1EOhU: Timeout during connect (likely firewall problem), kimai.plantmatiq.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://kimai.plantmatiq.com/.well-known/acme-challenge/xQ4uKz6xTPByw6qX-l5qcL5ziMaq0ILVKFly22nty9A: Timeout during connect (likely firewall problem). Skipping.

Those server blocks all have this:
location /.well-known/acme-challenge/ {
    alias /etc/nginx/ssl/verify/;
}
So, I don't get it.

Well, your certificate has 27 domains on it. 3 of the domains have different IP addresses to the other 24. That might account for some of the errors.

3 Likes
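A check for the situation described in the reply above, added here as an example and not part of the original thread: after a WAN IP change, resolve every name on a multi-domain certificate and list the ones that do not point at the new address. The function names, the sample hostnames and the addresses are constructed for illustration (documentation ranges from RFC 5737).

```python
import socket
import sys

def resolve_a(name):
    """Return the set of IPv4 addresses the local resolver gives for name."""
    try:
        infos = socket.getaddrinfo(name, 80, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()  # name does not resolve, or the resolver itself is broken
    return {info[4][0] for info in infos}

def find_stale_names(names, expected_ip, resolver=resolve_a):
    """Split certificate names into those resolving only to expected_ip and the rest.

    Returns (ok, stale); stale maps name -> sorted addresses it resolves to
    (an empty list means the name did not resolve at all).
    """
    ok, stale = [], {}
    for name in names:
        addrs = resolver(name)
        if addrs == {expected_ip}:
            ok.append(name)
        else:
            stale[name] = sorted(addrs)
    return ok, stale

# Constructed sample data standing in for real DNS answers.
SAMPLE_DNS = {
    "example.nl": {"203.0.113.10"},
    "support.example.nl": {"203.0.113.10"},
    "hours.example.com": {"198.51.100.7"},  # still on the old WAN address
    "help.example.com": set(),              # no A record
}

def sample_resolver(name):
    return SAMPLE_DNS.get(name, set())

if __name__ == "__main__":
    if len(sys.argv) < 3:
        sys.exit("usage: check_names.py NEW_WAN_IP name [name ...]")
    expected, names = sys.argv[1], sys.argv[2:]
    ok, stale = find_stale_names(names, expected)
    for name, addrs in stale.items():
        print(f"{name}: {', '.join(addrs) or 'no A record'} (expected {expected})")
    sys.exit(1 if stale else 0)
```

This only looks at A records through the local resolver, so a name with an AAAA record, or one answered differently by an internal DNS server or /etc/hosts, needs a separate check against public DNS.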

Shit, you are right, I forgot about those 3 domains, man...
I am really not awake today. :woozy_face:
I changed IP of the autimotion domain, but forgot about the other ones.
Man, do I feel utterly stupid right now.
Could we please remove this whole post from the universe now?

2 Likes

time for a really big cup of
:coffee:

3 Likes
