Certbot renew not working 503. Skipping


#1

Please help me
I use domain eco-gate.siblion.ru, eco-jenkins1.siblion.ru and some other
renew script in to working, stay 10 days

/usr/bin/certbot renew --renew-hook “/usr/local/bin/renew.sh”
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/eco-gate.siblion.ru.conf

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for eco-gate.siblion.ru
Waiting for verification…
Cleaning up challenges
Attempting to renew cert (eco-gate.siblion.ru) from /etc/letsencrypt/renewal/eco-gate.siblion.ru.conf produced an unexpected error: Failed authorization procedure. eco-gate.siblion.ru (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://eco-gate.siblion.ru/.well-known/acme-challenge/bDmOFWCyj3SXKfkEIN7S4ck2K4kTOHfolqlGKOGG7aQ [91.218.115.4]: 503. Skipping.


Processing /etc/letsencrypt/renewal/eco-jenkins1.siblion.ru.conf

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for eco-jenkins1.siblion.ru
Cleaning up challenges
Attempting to renew cert (eco-jenkins1.siblion.ru) from /etc/letsencrypt/renewal/eco-jenkins1.siblion.ru.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6… Skipping.


IMPORTANT NOTES:


#2

Hi @talker

calling (per browser)

http://eco-gate.siblion.ru/.well-known/acme-challenge/bDmOFWCyj3SXKfkEIN7S4ck2K4kTOHfolqlGKOGG7aQ

I’ve got the same error: http-status 503. This is a local error of your website eco-gate.siblion.ru.

Same error on http://eco-gate.siblion.ru/ - looks like there is no http service port 80.


#3

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for eco-bitbucket.siblion.ru
Cleaning up challenges
Attempting to renew cert (eco-bitbucket.siblion.ru) from /etc/letsencrypt/renewal/eco-bitbucket.siblion.ru.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6… Skipping.

it is also problem with my port?
telnet in localhost working correct, httpd service is up and running, try stop it - same error.

Thanks


#4

When you use --standalone, it assumes that it can (temporarily) exclusively use port 80, which means that there’s nothing else using the port at that time. This is normally meant for machines that don’t have a web server at all, since port 80 will be free. You can also set --pre-hook and --post-hook options with commands to stop and restart the web server, if there is one.

You can check this with ss -plt to see if anything is still listening on port 80 after you stop your httpd.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.