I ran this command:
sudo ./letsencrypt-auto certonly --standalone --standalone-supported-challenges http-01
It produced this output:
WARNING: unable to check for updates.
Creating virtual environment…
Installing Python packages…
Traceback (most recent call last):
File “/tmp/tmp.hOFQLk2UJ0/pipstrap.py”, line 146, in
File “/tmp/tmp.hOFQLk2UJ0/pipstrap.py”, line 130, in main
for url, digest in PACKAGES]
File “/tmp/tmp.hOFQLk2UJ0/pipstrap.py”, line 112, in hashed_download
response = opener().open(url)
File “/usr/lib/python2.7/urllib2.py”, line 404, in open
response = self._open(req, data)
File “/usr/lib/python2.7/urllib2.py”, line 422, in _open
File “/usr/lib/python2.7/urllib2.py”, line 382, in _call_chain
result = func(*args)
File “/usr/lib/python2.7/urllib2.py”, line 1222, in https_open
return self.do_open(httplib.HTTPSConnection, req)
File “/usr/lib/python2.7/urllib2.py”, line 1184, in do_open
urllib2.URLError: <urlopen error [Errno 101] Network is unreachable>
My operating system is (include version):
Ubuntu 14.04.2 LTS (GNU/Linux 3.16.0-40-generic x86_64)
My web server is (include version):
Java Grizzly Server (listening NOT on port 80 or 443)
I can login to a root shell on my machine (yes or no, or I don’t know):
I use login as sudo user.
I wanted to issue a certificate with letsencrypt-auto. The server machine is behind a router. At the router port 80 is forwarded by Full-NAT (Network address translation) to port 80 of the server machine and in the firewall port 80 is opened. As I use a Java server which does not present any websites/files but offers a web service (clients like a desktop application, mobile app or another webserver call functions on the server) I cannot use a method like webroot and I use standalone.
I installed certbot on the server machine by:
apt-get install git
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
And everytime I run the command which I wrote at the beginning of this thread I get the error that the network is unreachable, no matter if I added my domain with -d option or not. Is there anything wrong what I did? Does certbot with standalone method need other ports than 80 as well? As far as I know I can choose if I want to use port 80 or 443 and 443 is not possible for me.
Does anybody know what’s wrong?
I was wondering if you can configure certbot that it uses a proxy server to connect? When I cloned letsencrpyt directory with git, I used a proxy to connect, but I did not find a possibility to set up a proxy server for certbot.