Certbot with standalone fails with "could not connect"

jjaone · February 24, 2017, 8:26am

Hi LetsEncrypt-community,

we also have servers that are behind NAT-firewalls and I have been looking for ways to getLetsEncryptt-authenticated and verified SSL-certs to those (two) servers that each have their own DNS-names. I found this thread and still I do not know how should I go about with letsencrypt-auto or certbot-auto to generate SSL:s to those servers. Anything I try with:

/letsencrypt-auto certonly --email myfake.fake.emll --agree-tos --apache  -d my1.domain.tld

or

/letsencrypt-auto certonly --email my@fake.com --agree-tos --standalone --standalone-supported-challenges http-01 --http-01-port 80 -d my1.domain.tld

or any other way, always fails with:

Failed authorization procedure. my1.domain.tld (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to my1.domain.tld

How can I make this work using this “dns-01” -challenge system, please?

schoen · February 25, 2017, 5:34pm

Hi @jjaone,

I split this into a new thread because I’m not sure whether it was related to the existing thread.

Can you confirm that the name that corresponds to my1.domain.tld is a publicly visible name in the DNS but that the NAT won’t actually allow entities on the public Internet to connect directly inbound to that machine?

system · March 27, 2017, 5:35pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Why is this trying to access my server? Help	3	1693	June 29, 2016
Issues generating a Let's Encrypt certificate Help	18	205	November 19, 2024
Unable to get a cert Help	10	286	June 14, 2024
How to use authenticate with a DNS record?	4	3767	February 25, 2017
Certbot failed to authenticate some domains (authenticator: standalone) Help	2	237	March 6, 2024

Certbot with standalone fails with "could not connect"

Related topics