Certificate renewal error on a new operating system (Reinstalled)

Hello everyone, I have a problem with the renewal of a subdomain of mine.
I had a working ssl certificate with certbot, but the server crashed, and we had to reinstall the web application in another operating system, so when we want to renew the domain (which has already expired) we receive this error message:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for AAA.XXX.edu.pe

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: AAA.XXX.edu.pe
Type: connection
Detail: xx.xx.xx.xx: Fetching http://AAA.XXX.edu.pe/.well-known/acme-challenge/mbo8X-Q9vaYQCu8PdlPhDO7MvEMbFsPbX-1-eLfCIgg: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

We have tried to carry out all the manual steps of renewing the certificate but we could not succeed, I hope someone can give me some light to solve this, thank you very much everyone

Hi @vacosta, and welcome to the LE community forum :slight_smile:

Is the HTTP site accessible from the Internet?


Here are a couple of online tools to remotely check sites:

  1. This one will take a Fully Qualified Domain Name or an IP Address https://check-host.net/
  2. This one will only take an IP Address TCP Port Scanner, Online Port Scan, Port Scanning | IPVoid
1 Like

Yes, the site is accessible over the internet via HTTP (80)

Is there any GeoLocation blocking?


Is there a Palo Alto Networks brand firewall somewhere in front of your server?

Does the Let's Debug test site show any other errors? (link here)