Certbot renew failed: Connection aborted

Help
5

Failed with renew:

2025-01-28 09:03:50,270:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2025-01-28 09:03:50,390:DEBUG:certbot._internal.main:certbot version: 3.1.0
2025-01-28 09:03:50,391:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/4325/bin/certbot
2025-01-28 09:03:50,391:DEBUG:certbot._internal.main:Arguments: ['-v', '--dry-run', '--debug-challenges', '--preconfigured-renewal']
2025-01-28 09:03:50,391:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2025-01-28 09:03:50,398:DEBUG:certbot._internal.log:Root logging level set at 20
2025-01-28 09:03:50,398:DEBUG:certbot._internal.display.obj:Notifying user: Processing /etc/letsencrypt/renewal/webshare.sxces.com.conf
2025-01-28 09:03:50,399:DEBUG:certbot.configuration:Var server=https://acme-staging-v02.api.letsencrypt.org/directory (set by user).
2025-01-28 09:03:50,399:DEBUG:certbot.configuration:Var account=None (set by user).
2025-01-28 09:03:50,400:DEBUG:certbot._internal.plugins.selection:Requested authenticator None and installer None
2025-01-28 09:03:50,408:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r10.o.lencr.org:80
2025-01-28 09:04:10,801:DEBUG:urllib3.connectionpool:http://r10.o.lencr.org:80 "POST / HTTP/1.1" 200 504
2025-01-28 09:04:10,803:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/webshare.sxces.com/cert14.pem is signed by the certificate's issuer.
2025-01-28 09:04:10,805:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/webshare.sxces.com/cert14.pem is: OCSPCertStatus.GOOD
2025-01-28 09:04:10,813:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2025-01-31 22:02:11 UTC.
2025-01-28 09:04:10,813:INFO:certbot._internal.renewal:Certificate is due for renewal, auto-renewing...
2025-01-28 09:04:10,813:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None
2025-01-28 09:04:10,814:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone
Description: Runs an HTTP server locally which serves the necessary validation files under the /.well-known/acme-challenge/ request path. Suitable if there is no HTTP server already running. HTTP challenge only (wildcards not supported).
Interfaces: Authenticator, Plugin
Entry point: EntryPoint(name='standalone', value='certbot._internal.plugins.standalone:Authenticator', group='certbot.plugins')
Initialized: <certbot._internal.plugins.standalone.Authenticator object at 0x7f5705643e00>
Prep: True
2025-01-28 09:04:10,814:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.standalone.Authenticator object at 0x7f5705643e00> and installer None
2025-01-28 09:04:10,814:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2025-01-28 09:04:10,859:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/63794024', new_authzr_uri=None, terms_of_service=None), f5971f0c27297836c3bf94494f476440, Meta(creation_dt=datetime.datetime(2022, 8, 8, 20, 40, 47, tzinfo=datetime.timezone.utc), creation_host='webshare', register_to_eff=None))>
2025-01-28 09:04:10,859:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2025-01-28 09:04:10,860:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443
2025-01-28 09:04:56,820:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 974
2025-01-28 09:04:56,821:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:04:56 GMT
Content-Type: application/json
Content-Length: 974
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"h1jm1pLCwNc": "Adding random entries to the directory",
"keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"profiles": {
"classic": "The same profile you're accustomed to",
"tlsserver": "Announcing Certificate Profile Selection - Let's Encrypt"
},
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "Staging Environment - Let's Encrypt"
},
"newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
2025-01-28 09:04:56,823:DEBUG:certbot._internal.display.obj:Notifying user: Simulating renewal of an existing certificate for webshare.sxces.com
2025-01-28 09:04:56,933:DEBUG:acme.client:Requesting fresh nonce
2025-01-28 09:04:56,933:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce.
2025-01-28 09:04:57,080:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2025-01-28 09:04:57,081:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:04:57 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: _vkPb5srxKieGcreGX6kkV1R26wgNUVizHFdz8nAeMzkX-jO-xg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

2025-01-28 09:04:57,081:DEBUG:acme.client:Storing nonce: _vkPb5srxKieGcreGX6kkV1R26wgNUVizHFdz8nAeMzkX-jO-xg
2025-01-28 09:04:57,082:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "webshare.sxces.com"\n }\n ]\n}'
2025-01-28 09:04:57,088:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJfdmtQYjVzcnhLaWVHY3JlR1g2a2tWMVIyNndnTlVWaXpIRmR6OG5BZU16a1gtak8teGciLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIn0",
"signature": "mBeGdVwJbTCjerHvPlY-Mgt8e4nEo8mG-jrkTviqOGoxPyc9okDmnYru0Ot8i24d6yXMK0UmdGGSFcpY5eIcvqB6l2SOMKV_YBOSzM8DaeUd0NnexY5vO5hbP_VHzBT4rLI6I_Kqum7qTMh5qq4g-oGy9D4U-xGFFQfzaE6ul0rPvHNowD58z2Hb5XvDOURI0VVuuIRucFYrRadkEdgaWA466E2rsGKFSYm511cXFwJ6qjNYmgLWa81UzGx3c13X7u1hP5ZoQagLWjYwuC0ENwf6DqK3XT5jRhkKzDVGLR4ukrV9Nca8IJsLlW0bHGJYVGV_X5Y6PdCWgv7GR49avQ",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndlYnNoYXJlLnN4Y2VzLmNvbSIKICAgIH0KICBdCn0"
}
2025-01-28 09:04:57,273:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 362
2025-01-28 09:04:57,274:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 28 Jan 2025 08:04:57 GMT
Content-Type: application/json
Content-Length: 362
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/63794024/22262570074
Replay-Nonce: h8qLw8hs4rnMN3wPnu7d3xMJBxz_Nxf2_fPMqPsPZibxG0hEyVo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"status": "pending",
"expires": "2025-02-04T08:04:57Z",
"identifiers": [
{
"type": "dns",
"value": "webshare.sxces.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/63794024/22262570074"
}
2025-01-28 09:04:57,274:DEBUG:acme.client:Storing nonce: h8qLw8hs4rnMN3wPnu7d3xMJBxz_Nxf2_fPMqPsPZibxG0hEyVo
2025-01-28 09:04:57,275:DEBUG:acme.client:JWS payload:
b''
2025-01-28 09:04:57,278:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJoOHFMdzhoczRybk1OM3dQbnU3ZDN4TUpCeHpfTnhmMl9mUE1xUHNQWmlieEcwaEV5Vm8iLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHovNjM3OTQwMjQvMTU4NjAxOTQ3MjQifQ",
"signature": "Vid6WS8yZG5kIRbWzQ49WbFZVmNLYI2KcX0Xa9VtOB2sRoffSltkYdrWA9CsJPo8DuPG8ebzdz8HzcYwEiAcQ99fiaBwNXEDioC8lVk_w0CZFyhIP0jP_IyGBq3URUmNo33UF9dj1C5XI1NuotcW27d_6hSvGGF1xJNMbcd-c7m9Nm7wLyx4yAjXUB_At2VBcyzzmZCzKjREFRiMf1d8eBZJnWTEPaKKUXIoEdw2YfQz8eOD0E0zEUrdyUP7MYHZ951oIzkoCoYTRhHTLwhZqnJeRFyvnkZ0XKCJGOOfoW9BAe1g_nOECp7GsrpwCv2JycXsZg9_Gi3MrlNMAZaZ5g",
"payload": ""
}
2025-01-28 09:04:57,434:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz/63794024/15860194724 HTTP/1.1" 200 841
2025-01-28 09:04:57,435:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:04:57 GMT
Content-Type: application/json
Content-Length: 841
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: h8qLw8hsbzNvzRshpw72RMQq9FtTCB7DwGVqz3DgYwPDhPmhnOg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "webshare.sxces.com"
},
"status": "pending",
"expires": "2025-02-04T08:04:57Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/Hw82MA",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/avXrlw",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
}
]
}
2025-01-28 09:04:57,435:DEBUG:acme.client:Storing nonce: h8qLw8hsbzNvzRshpw72RMQq9FtTCB7DwGVqz3DgYwPDhPmhnOg
2025-01-28 09:04:57,436:INFO:certbot._internal.auth_handler:Performing the following challenges:
2025-01-28 09:04:57,437:INFO:certbot._internal.auth_handler:http-01 challenge for webshare.sxces.com
2025-01-28 09:04:57,439:DEBUG:acme.standalone:Successfully bound to :80 using IPv6
2025-01-28 09:04:57,439:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.
2025-01-28 09:04:57,442:DEBUG:certbot._internal.display.obj:Notifying user: Challenges loaded. Press continue to submit to CA.

The following URLs should be accessible from the internet and return the value
mentioned:

URL:
http://webshare.sxces.com/.well-known/acme-challenge/s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI
Expected value:
s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI.yLECcovyMH9a8nEfb_NUSCcF89nn-FFC1WfuvcYWjro
2025-01-28 09:04:57,442:DEBUG:acme.client:JWS payload:
b'{}'
2025-01-28 09:04:57,445:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJoOHFMdzhoc2J6TnZ6UnNocHc3MlJNUXE5RnRUQ0I3RHdHVnF6M0RnWXdQRGhQbWhuT2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwvNjM3OTQwMjQvMTU4NjAxOTQ3MjQvUlhHVllnIn0",
"signature": "WYCdCrKHHZ96XGP93HgKhODDyevq-113TV_EM3GIDZBRfoeoe_tzegLFunso5LpPMDzrxZ1jRhjtGxkEZRFElXRKpAhu77DxkF7-HLSqLzV7CfPwOU7K-R3-qhJnVsBGtK-uVJ6elTy_MpleXpTkI6O5sxYHf7HcIQHRskfxm-ABf-pnujBvvZ1kHP2R1qbfZpjtWcp0MmNt9E3LQOOcBkmE0LjYBZ8sMcle8HlvsVGzr8_nHH-S6etSF4SjgjFky6NGErxJreoYx97K_hydHbSLQs4OG1O68O7JP9-ioEBi6SjdGM1PNfOukjwbyTyn7_H7OxolSh_xTeMs5m4gcw",
"payload": "e30"
}
2025-01-28 09:04:57,603:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall/63794024/15860194724/RXGVYg HTTP/1.1" 200 200
2025-01-28 09:04:57,604:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:04:57 GMT
Content-Type: application/json
Content-Length: 200
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index", https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg
Replay-Nonce: _vkPb5srUEVFvQ9YPtUKPlPwy4tv22iCR5uqMVCyyV4oLy9h3BI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
}
2025-01-28 09:04:57,604:DEBUG:acme.client:Storing nonce: _vkPb5srUEVFvQ9YPtUKPlPwy4tv22iCR5uqMVCyyV4oLy9h3BI
2025-01-28 09:04:57,605:INFO:certbot._internal.auth_handler:Waiting for verification...
2025-01-28 09:04:57,714:DEBUG:acme.standalone:::ffff:66.133.109.36 - - Incoming request
2025-01-28 09:04:57,884:DEBUG:acme.standalone:::ffff:66.133.109.36 - - Serving HTTP01 with token 's4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI'
2025-01-28 09:04:57,885:DEBUG:acme.standalone:::ffff:66.133.109.36 - - "GET /.well-known/acme-challenge/s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI HTTP/1.1" 200 -
2025-01-28 09:04:58,606:DEBUG:acme.client:JWS payload:
b''
2025-01-28 09:04:58,610:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJfdmtQYjVzclVFVkZ2UTlZUHRVS1BsUHd5NHR2MjJpQ1I1dXFNVkN5eVY0b0x5OWgzQkkiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHovNjM3OTQwMjQvMTU4NjAxOTQ3MjQifQ",
"signature": "KA9ZXAXZ8Vrk9dtVC5l-ShGDV-ZElFwGnQk9XZZ0cOuJd0HjbIMSgxkdre28Q2P1D6HSly1KhCFdDMVR-DTjtkZMdNwFJ1h3DZzaI45wCL3Moz7JSRfC_BMlAdmwY--0kvn-A_oSjzQEJCkzZsMaubzA00TSgi6rcR6esjHllrWwO7_u_RCwZVOTsV3lamQDLMndLCBeWEn7K0c4Z0Ojdd7CysO9V4ahfbsQ8VGfhDsdqCB_DQac7x6yLf7NhJSx_V9S-GfFfKGI3-vqb2fOnGv3qA74HY8mk_zbJ0aOzgwo0uG0bo2HhSdMSpwZK0Vn5y_mlTOMxoffRC5kK7vssw",
"payload": ""
}
2025-01-28 09:04:58,761:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz/63794024/15860194724 HTTP/1.1" 200 841
2025-01-28 09:04:58,762:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:04:58 GMT
Content-Type: application/json
Content-Length: 841
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: _vkPb5srmDRCDdRUVxJ2dNdCUCLhw4qEkuJWSUdOfXU--Ee7kgo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "webshare.sxces.com"
},
"status": "pending",
"expires": "2025-02-04T08:04:57Z",
"challenges": [
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/Hw82MA",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/avXrlw",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
}
]
}
2025-01-28 09:04:58,763:DEBUG:acme.client:Storing nonce: _vkPb5srmDRCDdRUVxJ2dNdCUCLhw4qEkuJWSUdOfXU--Ee7kgo
2025-01-28 09:05:01,764:DEBUG:acme.client:JWS payload:
b''
2025-01-28 09:05:01,768:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJfdmtQYjVzcm1EUkNEZFJVVnhKMmROZENVQ0xodzRxRWt1SldTVWRPZlhVLS1FZTdrZ28iLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHovNjM3OTQwMjQvMTU4NjAxOTQ3MjQifQ",
"signature": "kYWeF5drimklYuHoADMNelGW-Em9TWw9IXnKzUDOtnBQzYqrZyQrmkFUwRocFMNgqesuMhzaRu96RqHTUhuv21OjSpg_uMjh_TLTAuKaigldn-XRJGI4N3fqFPERHJUXx1BfkNxvo14j4EU4zOIfGZktgCpfsJLfizqXNyiURXpHOnENdCVLT_LNKdh3dLFBceHuSPqwUTYEX2Whw7_b66v3XlGpu3Ox-7CpZF9fX-MURdaDxb2VJIbflFF0LvjmaoO23AfUvGz8dDmGcEXtzPNKUl87HViaFg8a4mqM4usJy1fuT26NSYAoxbmhTFNM7f7bPqThmIq7rPY2I4f3ig",
"payload": ""
}
2025-01-28 09:05:01,921:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz/63794024/15860194724 HTTP/1.1" 200 841
2025-01-28 09:05:01,922:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:05:01 GMT
Content-Type: application/json
Content-Length: 841
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: h8qLw8hsxRk38tzgC1fwXZj9AmkyN80OBjGmiwcsB9DkeXzZUJU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "webshare.sxces.com"
},
"status": "pending",
"expires": "2025-02-04T08:04:57Z",
"challenges": [
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/avXrlw",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/Hw82MA",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
}
]
}
2025-01-28 09:05:01,923:DEBUG:acme.client:Storing nonce: h8qLw8hsxRk38tzgC1fwXZj9AmkyN80OBjGmiwcsB9DkeXzZUJU
2025-01-28 09:05:04,924:DEBUG:acme.client:JWS payload:
b''
2025-01-28 09:05:04,928:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJoOHFMdzhoc3hSazM4dHpnQzFmd1haajlBbWt5TjgwT0JqR21pd2NzQjlEa2VYelpVSlUiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHovNjM3OTQwMjQvMTU4NjAxOTQ3MjQifQ",
"signature": "lEfRlDFItgMl8YUH5qUoYdP5J0b72cME-gMQYe1SD0tS1GO6EI89FrjXs-BxvAj8NhQmyuxrXwnczDj5FVUAWTmS0cHb4Rb6f2S_MoyC-9fnMq4ac4fUSuOf83ZBI8yk6BRzLyk6QE8kfFSo5tGR8atvuFsL3UGiS94XVGN5SJZltERqfOOR7zI64Mv5GzQj0SIJANL9BCaWSGVOpi0Pkvy8_FDZz8fMX66tkHDzntn_CI49S5LKE7YvKoZAs80frv7X1nK2Hu66JeeVkQfAr2o5ilH6BtCJuW-c2_rBAyuZEeSOwAZHFDxMFH9ujGk33fGG7Sv2Uob0MnX3d-4HmA",
"payload": ""
}
2025-01-28 09:05:05,082:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz/63794024/15860194724 HTTP/1.1" 200 841
2025-01-28 09:05:05,083:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:05:05 GMT
Content-Type: application/json
Content-Length: 841
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: _vkPb5sreNUiZv9YL6NeBKN3eae3PMB3ZaNFjcAkHHVmKwcUzKs
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "webshare.sxces.com"
},
"status": "pending",
"expires": "2025-02-04T08:04:57Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/Hw82MA",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/avXrlw",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
}
]
}
2025-01-28 09:05:05,083:DEBUG:acme.client:Storing nonce: _vkPb5sreNUiZv9YL6NeBKN3eae3PMB3ZaNFjcAkHHVmKwcUzKs
2025-01-28 09:05:08,085:DEBUG:acme.client:JWS payload:
b''
2025-01-28 09:05:08,088:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJfdmtQYjVzcmVOVWladjlZTDZOZUJLTjNlYWUzUE1CM1phTkZqY0FrSEhWbUt3Y1V6S3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHovNjM3OTQwMjQvMTU4NjAxOTQ3MjQifQ",
"signature": "BMhM6a8XyWT91J6jX6u_e85YEJWpw3hhYlFWOXtWiav9FT0L09SSUm1k2RILMOKDm8Jx_uMfFn8SP-VZI6xjWXUCvk413H1f0pGaEc-mvzhfRLQqkImiMLKNlAnfuSUfpyiwE9ws2_9TvBmh2kD_g6KlvSlA7eaT0YoqYnghMwNVYkVU3yZ1zz03sYVwd8-pvSraOlLfMVEXp0KHh1Ya__QhJXOVpfbQO8gARyh8kMJCJXe2x2u4ztl_S8OksUEvJ6wp8P-yTN1iXWi3kDx5sZ4F8xix9KdtBZWjeU8NtwtXWd-vr-TrD_tJ_VRqrvffBe92X_XgVOn6F-tuFbViCQ",
"payload": ""
}
2025-01-28 09:05:08,243:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz/63794024/15860194724 HTTP/1.1" 200 841
2025-01-28 09:05:08,244:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:05:08 GMT
Content-Type: application/json
Content-Length: 841
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: h8qLw8hspWpZOLGGmR9fkguFeGLC4zRfQ6PrR96YJchCZvMOZic
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "webshare.sxces.com"
},
"status": "pending",
"expires": "2025-02-04T08:04:57Z",
"challenges": [
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/Hw82MA",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
},
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/avXrlw",
"status": "pending",
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI"
}
]
}
2025-01-28 09:05:08,244:DEBUG:acme.client:Storing nonce: h8qLw8hspWpZOLGGmR9fkguFeGLC4zRfQ6PrR96YJchCZvMOZic
2025-01-28 09:05:11,245:DEBUG:acme.client:JWS payload:
b''
2025-01-28 09:05:11,250:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/63794024/15860194724:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82Mzc5NDAyNCIsICJub25jZSI6ICJoOHFMdzhoc3BXcFpPTEdHbVI5ZmtndUZlR0xDNHpSZlE2UHJSOTZZSmNoQ1p2TU9aaWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHovNjM3OTQwMjQvMTU4NjAxOTQ3MjQifQ",
"signature": "zL5OElGephQKz_YtEc0I52vlTEs-j1f9WVKZO2mBIJH5PDzy3kAldKoIUw4poz9d-uKvy2uKs4MneTXJ-Ix0kbqD7YGOcA6Vd7TmaQh9DZNOa0ZLhZGsVzhZxLvQjgqqV8_7DTCMMx5y-KlC6Qa1pe3aA79l-OML3dQq9SrGHbRxySWKcbntoX4vMO0T5-dKrvm_CHQYFp7F-Gvh6qyxIVLDSlUF2Zn-Nn2-rkjc9HPesvoasfe-6Fsh-qsOHtH8t0DSYIW2CKChlG8QQ-Z4Jv7X30gu2vrtWqNmbwWwr61P88XqvRSjfrZR_86KVVbsb9K-13q-pWzUh1I_x7e6rQ",
"payload": ""
}
2025-01-28 09:05:11,406:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz/63794024/15860194724 HTTP/1.1" 200 1112
2025-01-28 09:05:11,407:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 28 Jan 2025 08:05:11 GMT
Content-Type: application/json
Content-Length: 1112
Connection: keep-alive
Boulder-Requester: 63794024
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: _vkPb5srvP_tCEbDENQUmRLv6tpETfvsEOBunSn6ovr8T_nGcUc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"identifier": {
"type": "dns",
"value": "webshare.sxces.com"
},
"status": "invalid",
"expires": "2025-02-04T08:04:57Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall/63794024/15860194724/RXGVYg",
"status": "invalid",
"validated": "2025-01-28T08:04:57Z",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "During secondary validation: 87.129.184.91: Fetching http://webshare.sxces.com/.well-known/acme-challenge/s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI: Timeout during connect (likely firewall problem)",
"status": 400
},
"token": "s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI",
"validationRecord": [
{
"url": "http://webshare.sxces.com/.well-known/acme-challenge/s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI",
"hostname": "webshare.sxces.com",
"port": "80",
"addressesResolved": [
"87.129.184.91"
],
"addressUsed": "87.129.184.91"
}
]
}
]
}
2025-01-28 09:05:11,407:DEBUG:acme.client:Storing nonce: _vkPb5srvP_tCEbDENQUmRLv6tpETfvsEOBunSn6ovr8T_nGcUc
2025-01-28 09:05:11,408:INFO:certbot._internal.auth_handler:Challenge failed for domain webshare.sxces.com
2025-01-28 09:05:11,409:INFO:certbot._internal.auth_handler:http-01 challenge for webshare.sxces.com
2025-01-28 09:05:11,409:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: webshare.sxces.com
Type: connection
Detail: During secondary validation: 87.129.184.91: Fetching http://webshare.sxces.com/.well-known/acme-challenge/s4U6dLpnY7kSkGZYSgpBIAIjnWwMt1X5Bveos55g-DI: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

2025-01-28 09:05:11,414:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2025-01-28 09:05:11,414:DEBUG:certbot._internal.error_handler:Calling registered functions
2025-01-28 09:05:11,415:INFO:certbot._internal.auth_handler:Cleaning up challenges
2025-01-28 09:05:11,415:DEBUG:certbot._internal.plugins.standalone:Stopping server at :::80...
2025-01-28 09:05:11,906:ERROR:certbot._internal.renewal:Failed to renew certificate webshare.sxces.com with error: Some challenges have failed.
2025-01-28 09:05:11,912:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/renewal.py", line 540, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/main.py", line 1529, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/main.py", line 130, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/renewal.py", line 399, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/client.py", line 429, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/client.py", line 497, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/snap/certbot/4325/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2025-01-28 09:05:11,914:DEBUG:certbot._internal.display.obj:Notifying user:

2025-01-28 09:05:11,914:ERROR:certbot._internal.renewal:All simulated renewals failed. The following certificates could not be renewed:
2025-01-28 09:05:11,915:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/webshare.sxces.com/fullchain.pem (failure)
2025-01-28 09:05:11,915:DEBUG:certbot._internal.display.obj:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2025-01-28 09:05:11,915:DEBUG:certbot._internal.log:Exiting abnormally:

1 Like