Certificat error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

It produced this output:
This script will:

  • Need a working DNS record pointing to this machine(for domain bbb.lsx.se)
  • Download certbot-auto from https://dl.eff.org to /usr/local/sbin
  • Install additional dependencies in order to request Let’s Encrypt certificate
  • If running with jetty serving web content, will stop Jitsi Videobridge
  • Configure and reload nginx or apache2, whichever is used
  • Configure the coturn server to use Let's Encrypt certificate and add required deploy hooks
  • Add command in weekly cron job to renew certificates regularly

You need to agree to the ACME server's Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf)
by providing an email address for important account notifications
Enter your email and press [ENTER]:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for bbb.lsx.se
Using the webroot path /usr/share/jitsi-meet for all unmatched domains.
Waiting for verification...
Challenge failed for domain bbb.lsx.se
http-01 challenge for bbb.lsx.se
Cleaning up challenges
Some challenges have failed.


  • The following errors were reported by the server:

    Domain: bbb.lsx.se
    Type: connection
    Detail: Fetching
    Timeout during connect (likely firewall problem)

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you're using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided."

My web server is (include version):
nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 20.04

My hosting provider, if applicable, is:
Own server

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.40.0

Your webserver needs to be accessible from the internet.

Connecting to your domain on ports 80 and 443 fails with a connection timeout.

You may need to:

  • Forward ports 80 and 443 on your router
  • Open the ports on any firewalls
  • Ask your ISP to unblock those ports

I do not understand why this is so.
If I download an older browser so I can bypass the certificate for the certificate error, I will arrive.
So (https) the port should be open?

I run the server in Virtualbox (ubuntu) on an ubuntu server hardware and there I have Bridged networking between these.

Ports 80, 443 and 22 seem to work, but they do not show that they are open if you run port check online.

Leif Edh

Perhaps it is accessible from within your local network.

However, it is not accessible from the external network (the internet).

For that to happen, traffic must also be routed through your ISP and your modern/router, before it arrives to your Ubuntu server.

Somewhere along the way, the traffic is being stopped.

1 Like

None of those ports are accessible from the Internet.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.