Certbot --nginx -d ********

➜ ~ certbot --nginx -d **************
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for brother-test.oa3.qingtingai.net

Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: brother-test.oa3.qingtingai.net
Type: connection
Detail: During secondary validation: Fetching http://***************/.well-known/acme-challenge/3MkT_uf1xIi3CHEI_FNuhrJdHjquhq1fegBcFPkGSd4: Connection reset by peer

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

If the website is hosted in China, you may need to try again a few times.

Let's Encrypt, when trying to validate your domain control, tries to connect to your webserver from a number of locations (United States, Europe).

It's not uncommon to see TCP resets when trying to make requests to webservers hosted in China, from overseas.

1 Like

If that fails, you could try using DNS-01 authentication.

How to auto sign

I don't understand your question.