Certbot setup OpenSuse 15.6 apache

This was reported earlier and seems to be a block by the university on Certbot access/validation from sites outside the US. I used ZeroSSL previously, but I'm out of free trials.
Any updates on how to get a Certbot cert?
Thanks

My domain is:
dna.engr.latech.edu
I ran this command:
certbot --apache
It produced this output:
dna:/etc/apache2/vhosts.d # certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
ssl_module is statically linked but --apache-bin is missing; not disabling session tickets.

Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.


1: dna.engr.latech.edu


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for dna.engr.latech.edu

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: dna.engr.latech.edu
Type: connection
Detail: During secondary validation: 138.47.29.6: Fetching http://dna.engr.latech.edu/.well-known/acme-challenge/kUvQGJ02QlKGtSo7a1sUM-MTyAcuEdjxAsWd43EWFww: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version):
apache2-2.4.58-150600.5.23.1.x86_64

The operating system my web server runs on is (include version):
OpenSuse 15.6

My hosting provider, if applicable, is:
Latech.edu (Louisiana Tech University)
I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
yast and/or cli

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
dna:/etc/apache2/vhosts.d # certbot --version
certbot 3.0.0

I very often find the above is the issue.

2 Likes

And like we said in your previous posts, Let's Encrypt certificates are valid worldwide and so require validation of domain control from many places worldwide. You'll need to prove control from outside the US as well in order to use Let's Encrypt certificates, and soon for other CAs as well.

I thought that ZeroSSL's ACME system didn't limit to a number of trials, even if their web interface did. I could be wrong, though.

In any event, there are plenty of free CAs. Using Buypass Go should be fairly straightforward by just adding --server https://api.buypass.com/acme/directory to your command, though I have no idea what locations it does validation from. (And even if a CA works for you now, it may include more validation locations in the future.)

4 Likes
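As an added example (not part of any post in this thread, and not Certbot's or Let's Encrypt's code): a small Python triage script that reads the failure block Certbot prints and reports whether the CA's error was attributed to a secondary validation location, as in the output quoted in the first post. The function names, the hint text and the second sample record are constructed for illustration, and labelling an unprefixed failure "primary" is an assumption of this example.

```python
import re

# Failure block from the first post, plus one constructed record (example.test)
# showing a failure that is not prefixed with "During secondary validation".
SAMPLE = """\
Domain: dna.engr.latech.edu
Type: connection
Detail: During secondary validation: 138.47.29.6: Fetching http://dna.engr.latech.edu/.well-known/acme-challenge/kUvQGJ02QlKGtSo7a1sUM-MTyAcuEdjxAsWd43EWFww: Timeout during connect (likely firewall problem)

Domain: example.test
Type: connection
Detail: 192.0.2.10: Fetching http://example.test/.well-known/acme-challenge/constructed-token: Connection refused
"""

DETAIL_RE = re.compile(
    r"^(?P<secondary>During secondary validation: )?"
    r"(?P<address>[0-9A-Fa-f.:]+?): "
    r"Fetching (?P<url>\S+): (?P<error>.+)$"
)

def classify(record):
    """Split one Detail string into perspective, address, URL and error."""
    m = DETAIL_RE.match(record.get("detail", ""))
    if not m:
        return {**record, "perspective": "unknown"}
    secondary = m["secondary"] is not None
    # Assumption: a Detail without the prefix is labelled "primary" here.
    out = {**record, "perspective": "secondary" if secondary else "primary",
           "address": m["address"], "url": m["url"], "error": m["error"]}
    if secondary and "Timeout" in m["error"]:
        out["hint"] = ("reported by a secondary validation location: test port "
                       "80 from networks outside your own region")
    return out

def parse_failures(text):
    """Collect Domain/Type/Detail triples from Certbot's failure report."""
    failures, current = [], {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition(": ")
        if sep and key in ("Domain", "Type", "Detail"):
            current[key.lower()] = value
            if key == "Detail":  # Detail closes one record
                failures.append(classify(current))
                current = {}
    return failures

if __name__ == "__main__":
    for f in parse_failures(SAMPLE):
        print(f["domain"], f["perspective"], f.get("address"), f.get("error"))
        print("  hint:", f.get("hint", "none"))
```

A record flagged `secondary` with a timeout matches the situation discussed above, where port 80 has to be reachable from validation locations outside the US as well.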
