Certificate renewal failure

Help
1

My domain is: test-api.pickleapp.in

I ran this command: sudo certbot renew --force-renewal

It produced this output: Attempting to renew cert (test-api.pickleapp.in) from /etc/letsencrypt/renewal/test-api.pickleapp.in.conf produced an unexpected error: Failed authorization procedure. test-api.pickleapp.in (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://test-api.pickleapp.in/.well-known/acme-challenge/qrme6LuG-af0V9JS3DjRTUP-UYpo5nkMjY1RCEn7A4U: Timeout during connect (likely firewall problem). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/test-api.pickleapp.in/fullchain.pem (failure)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/test-api.pickleapp.in/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

The operating system my web server runs on is (include version):ubuntu

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2 Likes
2

Welcome to the Let's Encrypt Community, Mobin :slightly_smiling_face:

Do you have a firewall in the way?

Screenshot_20201017-111909_Samsung Internet
Screenshot_20201017-111909_Samsung Internet1080×2361 846 KB

2 Likes
3

We are currently using an AWS EC2, but rather than a normal security group, we don't have a firewall.

2 Likes
4

I can't reach http://test-api.pickleapp.in/ either.
You will need to get that working before certbot can work.
Unless you are planning to always use certbot in --standalone mode.

[&2* readers: Get involved; Be heard. It starts with: if you read something you like, then like it :heart:]

1 Like
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.