Certificate renewal timeout

Help
1

Hi, I’ve been using Let’s Encrypt with no issues for some time and renewed certificates with no issue several times.
This time I’m getting timeouts when trying to renew them. Ports 80 and 443 are open.
Nothing has changed since the previous times.
I include the certbot log in the next post.
Any help would be appreciated.

Thank you.

My domain is: nexus.nuvolar.eu, docker.nuvolar.eu

I ran this command: sudo /usr/local/bin/certbot renew --debug

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/docker.nuvolar.eu.conf

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for docker.nuvolar.eu
http-01 challenge for nexus.nuvolar.eu
Waiting for verification…
Challenge failed for domain docker.nuvolar.eu
Challenge failed for domain nexus.nuvolar.eu
http-01 challenge for docker.nuvolar.eu
http-01 challenge for nexus.nuvolar.eu
Cleaning up challenges
Attempting to renew cert (docker.nuvolar.eu) from /etc/letsencrypt/renewal/docker.nuvolar.eu.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/docker.nuvolar.eu/fullchain.pem (failure)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/docker.nuvolar.eu/fullchain.pem (failure)

Exiting abnormally:
Traceback (most recent call last):
File “/usr/local/bin/certbot”, line 11, in
sys.exit(main())
File “/usr/local/lib/python2.7/site-packages/certbot/main.py”, line 15, in main
return internal_main.main(cli_args)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 1347, in main
return config.func(config, plugins)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 1255, in renew
renewal.handle_renewal_request(config)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/renewal.py”, line 473, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)
Please see the logfiles in /var/log/letsencrypt for more details.

IMPORTANT NOTES:

My web server is (include version): not a web server, Nexus Repository Manager, running on 8081, 8088 and 8443. Ports 80 and 443 are not used by it.

The operating system my web server runs on is (include version): Amazon Linux AMI 2018.03

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.3.0

1 Like
2

certbot log:

2020-04-17 11:50:08,357:DEBUG:certbot._internal.main:certbot version: 1.3.0
2020-04-17 11:50:08,358:DEBUG:certbot._internal.main:Arguments: [’–debug’]
2020-04-17 11:50:08,358:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-04-17 11:50:08,372:DEBUG:certbot._internal.log:Root logging level set at 20
2020-04-17 11:50:08,373:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-04-17 11:50:08,401:DEBUG:certbot._internal.plugins.selection:Requested authenticator <certbot._internal.cli.cli_utils._Default object at 0x7f467ac62c50> and installer <certbot._internal.cli.cli_utils._Default object at 0x7f467ac62c50>
2020-04-17 11:50:08,429:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): ocsp.int-x3.letsencrypt.org:80
2020-04-17 11:50:08,576:DEBUG:urllib3.connectionpool:http://ocsp.int-x3.letsencrypt.org:80 “POST / HTTP/1.1” 200 527
2020-04-17 11:50:08,577:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/docker.nuvolar.eu/cert2.pem is signed by the certificate’s issuer.
2020-04-17 11:50:08,580:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/docker.nuvolar.eu/cert2.pem is: OCSPCertStatus.GOOD
2020-04-17 11:50:08,583:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2020-04-26 09:11:57 UTC.
2020-04-17 11:50:08,583:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing…
2020-04-17 11:50:08,584:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None
2020-04-17 11:50:08,589:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot._internal.plugins.standalone:Authenticator
Initialized: <certbot._internal.plugins.standalone.Authenticator object at 0x7f467ac5e6d0>
Prep: True
2020-04-17 11:50:08,590:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.standalone.Authenticator object at 0x7f467ac5e6d0> and installer None
2020-04-17 11:50:08,590:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2020-04-17 11:50:08,592:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None, external_account_binding=None), uri=u’https://a
cme-v02.api.letsencrypt.org/acme/acct/71190060’, new_authzr_uri=None, terms_of_service=None), 79b7b50f8902aa8b121d2a57e2fa94a5, Meta(creation_host=u’ip-172-31-35-64.eu-west-3.compute.internal’, creation_dt=datetime.datetime(2019, 11, 6, 12, 20, 37, tzinfo=)))>
2020-04-17 11:50:08,593:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2020-04-17 11:50:08,594:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2020-04-17 11:50:09,146:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “GET /directory HTTP/1.1” 200 658
2020-04-17 11:50:09,147:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:09 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“NTxsRHHm2yQ”: “Adding random entries to the directory”,
“keyChange”: “https://acme-v02.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
letsencrypt.org
],
“termsOfService”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org
},
“newAccount”: “https://acme-v02.api.letsencrypt.org/acme/new-acct”,
“newNonce”: “https://acme-v02.api.letsencrypt.org/acme/new-nonce”,
“newOrder”: “https://acme-v02.api.letsencrypt.org/acme/new-order”,
“revokeCert”: “https://acme-v02.api.letsencrypt.org/acme/revoke-cert
}
2020-04-17 11:50:09,147:INFO:certbot._internal.main:Renewing an existing certificate
2020-04-17 11:50:09,250:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0012_key-certbot.pem
2020-04-17 11:50:09,252:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0012_csr-certbot.pem
2020-04-17 11:50:09,252:DEBUG:acme.client:Requesting fresh nonce
2020-04-17 11:50:09,252:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2020-04-17 11:50:09,756:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “HEAD /acme/new-nonce HTTP/1.1” 200 0
2020-04-17 11:50:09,757:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:09 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0002MR-KwicLrENXZXSRoawhwpI8yoGo34cijikuNCfqTCs
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

2020-04-17 11:50:09,757:DEBUG:acme.client:Storing nonce: 0002MR-KwicLrENXZXSRoawhwpI8yoGo34cijikuNCfqTCs
2020-04-17 11:50:09,757:DEBUG:acme.client:JWS payload:
{
“identifiers”: [
{
“type”: “dns”,
“value”: “docker.nuvolar.eu”
},
{
“type”: “dns”,
“value”: “nexus.nuvolar.eu”
}
]
}
2020-04-17 11:50:09,759:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
“protected”: “eyJub25jZSI6ICIwMDAyTVItS3dpY0xyRU5YWlhTUm9hd2h3cEk4eW9HbzM0Y2lqaWt1TkNmcVRDcyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzcxMTkwMDYwIiwgImFs
ZyI6ICJSUzI1NiJ9”,
“payload”: “ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJkb2NrZXIubnV2b2xhci5ldSIKICAgIH0sIAogICAgewogICAgICAidHlwZSI6ICJkbnMiLCAKICAgICAgInZhbHVlIjogIm5leHVzLm51dm9sYXIuZXUiCiAgICB9CiAgXQp9”,
“signature”: “leSa3kxL7LoCpiC8AGTch3AmxnCj5JzHrhDtxC9BQuUTFBVU7Nv630CeLYdBcqMPnEw1GKvHj3jRZ_ZQJDfuCNsmYfj5nYzch8wcIabXbT6bX1RRL40uuZOQo-tKW3Dn_nI9K9D7Nre5idVkNXlbWF-Unw1DF2HQwokY5-91oaZpqBePRkBay-sOTmw7GtWaNmRqGdhEF-6C0oO6JQavV_eCY3tc_oz-0Sg3ml9Oik3mXi-0OfdxMr6_oqZyFYFM
djALdASerRfz8n5HIZymgab7QQBhlrccWJmTk0am-IQqNmt4RRBP0QV-o8UxShiiFCs0rcf2j4qEg3IuQsnN2Q”
}
2020-04-17 11:50:09,981:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/new-order HTTP/1.1” 201 484
2020-04-17 11:50:09,982:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Fri, 17 Apr 2020 11:50:09 GMT
Content-Type: application/json
Content-Length: 484
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Location: https://acme-v02.api.letsencrypt.org/acme/order/71190060/3032582416
Replay-Nonce: 0002ebZEsXlt_CoQoDRtJr0znlD1MZ9YddpwM0PamClfBtU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“status”: “pending”,
“expires”: “2020-04-24T11:50:09.881715514Z”,
“identifiers”: [
{
“type”: “dns”,
“value”: “docker.nuvolar.eu”
},
{
“type”: “dns”,
“value”: “nexus.nuvolar.eu”
}
],
“authorizations”: [
https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690550”,
https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690552
],
“finalize”: “https://acme-v02.api.letsencrypt.org/acme/finalize/71190060/3032582416
}
2020-04-17 11:50:09,982:DEBUG:acme.client:Storing nonce: 0002ebZEsXlt_CoQoDRtJr0znlD1MZ9YddpwM0PamClfBtU
2020-04-17 11:50:09,982:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:09,984:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690550:
{
“protected”: “eyJub25jZSI6ICIwMDAyZWJaRXNYbHRfQ29Rb0RSdEpyMHpubEQxTVo5WWRkcHdNMFBhbUNsZkJ0VSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MCIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “ufCZr0QnS0fzWivFOQJ3-jvSN9fu8M1bklxst_mhCsmIUArl6LKzBW8Nw7DuZCMnJiCUSig18tOhersQ4NHzG2YKeyz4jOmi2IhUGg18OLAfQe6vSRhbA30BwS0DuLq-WGc50rnXUEXqXFF6CzyoK7rDl_ISeR_kRS89Q97S6sSyr0VVgUKJ0higcdX-bkyVjUYj4wYjnAtaYve1bEmPgEBBePlubdl2mGdF5HlGUKJQe_J6scsqwUayaLJiir20
S_ATtboFyzPSZwOwQduBD2pz36liqj-ZAQb-f8JifY7JYHDgw2hJxyzfMSPerQy25VzNGaLzMCwsK4PYXMswXQ”
}
2020-04-17 11:50:10,135:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690550 HTTP/1.1” 200 795
2020-04-17 11:50:10,135:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:10 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001HeIF8Z_xGWrmwvvxgNpIPvCmD_uDIoXodQLGVDeEznA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “docker.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/1kYk9g”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/e9VlPg”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
}
]
}
2020-04-17 11:50:10,136:DEBUG:acme.client:Storing nonce: 0001HeIF8Z_xGWrmwvvxgNpIPvCmD_uDIoXodQLGVDeEznA
2020-04-17 11:50:10,136:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:10,138:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690552:
{
“protected”: “eyJub25jZSI6ICIwMDAxSGVJRjhaX3hHV3Jtd3Z2eGdOcElQdkNtRF91RElvWG9kUUxHVkRlRXpuQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “FJtFQlMv8m8pfqazNOH-4CXnVS1FWxv6iSMTgXExqQgGtyjzftNj1Z3Ta8E7GD64XD7Fh_ynRbP7MJLi0p0GZQt-tL78FaiSiC0agpNDABsFOVOtO_Co4kVtSziQ9Lg0FUiXSvqaU–NUKuepBvvWi5XNvyvPHB2Ri9UQEJk1sNk7wwBDXpMsr9H2mIa2QQbby9Q2Fm1AwjO4YUfmt_hRdiBGlLSp84oBspa8GFu3jqL_O-jCvRzbLH9BhvOCO_P
Jlg32OQaLxJDxLh3oyHDfZLWVtNp7-32dafnIzE5GxHhLGeQucKzrSqpcYyxPop4GHIzfZWIrCZ0DYbS8Uu83Q”
}
2020-04-17 11:50:10,282:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690552 HTTP/1.1” 200 794
2020-04-17 11:50:10,283:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:10 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0002xSOckHINp6TsHXkGC_u_ypiSyB964BD5TMHJGIkMyNc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “nexus.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/u72BPg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/XmUVcw”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
}
]
}
2020-04-17 11:50:10,283:DEBUG:acme.client:Storing nonce: 0002xSOckHINp6TsHXkGC_u_ypiSyB964BD5TMHJGIkMyNc
2020-04-17 11:50:10,284:INFO:certbot._internal.auth_handler:Performing the following challenges:
2020-04-17 11:50:10,284:INFO:certbot._internal.auth_handler:http-01 challenge for docker.nuvolar.eu
2020-04-17 11:50:10,284:INFO:certbot._internal.auth_handler:http-01 challenge for nexus.nuvolar.eu
2020-04-17 11:50:10,285:DEBUG:acme.standalone:Successfully bound to :80 using IPv6
2020-04-17 11:50:10,285:DEBUG:acme.standalone:Certbot wasn’t able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.
2020-04-17 11:50:10,291:INFO:certbot._internal.auth_handler:Waiting for verification…
2020-04-17 11:50:10,291:DEBUG:acme.client:JWS payload:
{
“type”: “http-01”,
“resource”: “challenge”
}
2020-04-17 11:50:10,293:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w:
{
“protected”: “eyJub25jZSI6ICIwMDAyeFNPY2tISU5wNlRzSFhrR0NfdV95cGlTeUI5NjRCRDVUTUhKR0lrTXlOYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvNDAxMzY5MDU1MC9FWjM3MXciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2Fj
Y3QvNzExOTAwNjAiLCAiYWxnIjogIlJTMjU2In0”,
“payload”: “ewogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9”,
“signature”: “vtyltaXSIEsQO4uyWItgXSxSgxtnW0ZM6VpiHAxdxvCR1bsUGaHe-hOAOIHP4gQ0vOcUgvM_PSVZfiUPk2m9Eb0wY7IFo5IaFNsTh0mmo9TtDpnpwC9oaFoWR7R2CmMqjJb7u6AEPOwETKs7J7JxyBstEi8SAPXnznsFftBncGP3tAEmAin3C5ficHf207jo-3g4f-qZj_74Omsc0-icfizcm0JILbSr6cHXSYP0qo3uwKldimqmZ3MRHRO4d2Qy
hGlnArZZWeg5iyDkGFRiWh_RHLQSf1KwIpap4fCuTg7pO-EbgrNDbY_nkbSdpHFOblk6zAQBWNRoNh71fuPP3g”
}
2020-04-17 11:50:10,440:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/chall-v3/4013690550/EZ371w HTTP/1.1” 200 185
2020-04-17 11:50:10,441:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:10 GMT
Content-Type: application/json
Content-Length: 185
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”, https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690550;rel=“up”
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w
Replay-Nonce: 0001qG_Od-3t114MwfEO1iyVAADY5xIPndLy53FOSa3L508
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
}
2020-04-17 11:50:10,441:DEBUG:acme.client:Storing nonce: 0001qG_Od-3t114MwfEO1iyVAADY5xIPndLy53FOSa3L508
2020-04-17 11:50:10,442:DEBUG:acme.client:JWS payload:
{
“type”: “http-01”,
“resource”: “challenge”
}
2020-04-17 11:50:10,443:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg:
{
“protected”: “eyJub25jZSI6ICIwMDAxcUdfT2QtM3QxMTRNd2ZFTzFpeVZBQURZNXhJUG5kTHk1M0ZPU2EzTDUwOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvNDAxMzY5MDU1Mi9kd1l5eGciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2Fj
Y3QvNzExOTAwNjAiLCAiYWxnIjogIlJTMjU2In0”,
“payload”: “ewogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9”,
“signature”: “F7rhACMyTqdbXSkHjDHF9GCxag5CakgVczH8snHMM7e4x7zz8sr1wBhaMcXzuO4oqvVJJ-ZZ83a-MqXy9qRCwsGi_yOs9ViZtO2uOkMDhQ_Q6JwPaUaRee1PIobvN9_XZ34kpSjcr_pQhMM0L9XQaJuUU3WSgb_gS3d1noSN3CEUD6Nx6LvzPeKNi836eouwQctymDl087aB3gdV5MUayoeDgsIvnpFs2-yj-GR9CHbZg3KytLhpX2MSxio_BzTM
ECgZoT_ZJRNT4AN5zg22WYqp2oFdCM9HGecUiZMPI4-VzM8Sq-ty656IfBBT-m1fltQSswgAfN6kqBzqBvn2EA”
}
2020-04-17 11:50:10,608:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/chall-v3/4013690552/dwYyxg HTTP/1.1” 200 185
2020-04-17 11:50:10,608:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:10 GMT
Content-Type: application/json
Content-Length: 185
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”, https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690552;rel=“up”
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg
Replay-Nonce: 0001iesBXsy-L2jRzG_giacxIPW5BdLtRCpewQi6mmthuFQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
}
2020-04-17 11:50:10,609:DEBUG:acme.client:Storing nonce: 0001iesBXsy-L2jRzG_giacxIPW5BdLtRCpewQi6mmthuFQ
2020-04-17 11:50:11,610:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:11,612:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690550:
{
“protected”: “eyJub25jZSI6ICIwMDAxaWVzQlhzeS1MMmpSekdfZ2lhY3hJUFc1QmRMdFJDcGV3UWk2bW10aHVGUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MCIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “TtQNpXw2mrHKQJWcwl43crGKgnW6YR-XLFS_P1psFQlajTefMyrKC4saOQYFcqDsz2yAqcjsHycJHeLA4aGb-80n4hnOMvcHpFihf_fu4veCRwMdyLmrOssroiWdIRNM2ihS18UctB0vtiboOXmu8i3vV2DuaVEJoTqka10YuvEYiFaTvSg4RUfzZHFI-y0nk1U8BAAlgY0sxhwKMb9jy1CsF12ZNPbrF4mJly45FQ0xtoKOe7SeuN-ckMVQCPF-
kEDSih_o2iRQ7Fsr-CyQJbpLCQ8-i1_joOmBRSWHaX7plJ6Reo0KVK7QpXvFt8Xjwe3IHvJYf8hH2_28zNXK0A”
}
2020-04-17 11:50:11,758:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690550 HTTP/1.1” 200 795
2020-04-17 11:50:11,759:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:11 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001x1JWhH5_kgXXAcZIcQ937b0RWZjAkjbZUA2Ivj1QZGQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “docker.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/1kYk9g”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/e9VlPg”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
}
]
}
2020-04-17 11:50:11,759:DEBUG:acme.client:Storing nonce: 0001x1JWhH5_kgXXAcZIcQ937b0RWZjAkjbZUA2Ivj1QZGQ
2020-04-17 11:50:11,759:DEBUG:acme.client:JWS payload:

1 Like
3

2020-04-17 11:50:11,761:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690552:
{
“protected”: “eyJub25jZSI6ICIwMDAxeDFKV2hINV9rZ1hYQWNaSWNROTM3YjBSV1pqQWtqYlpVQTJJdmoxUVpHUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “jQOCWKqTN3OCt5YeYUg0vKrjxiK4_1LQgjgrhia6urIT9DwvCVnv2gqGMNYmytnunfOfDP2_niNhj_6RSwaPEdxWZyxuM0cw6j7q38cdhB5UdGecG9B0ejrgbcz0axQOgI5NYOPk5T23YnEtPn0aaRp8B0_ojsKzjdj6ugjLlXcrs69HWMoQXZWAiVgzX4cGN5cu3fIbXT7FNEYsfgHqfiIGTlkznUpzbItB7k4F6XEteuYM_Sxs4eRHeAZ2_sXd
qKxUQK8t0SN6Qb_kaIrJsHOVvGomjd1dQiZBkyIfAHM6R2W4gmEmmcdxg42DGWPbuOOxHBWhR8byxg2nhoNxmA”
}
2020-04-17 11:50:11,921:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690552 HTTP/1.1” 200 794
2020-04-17 11:50:11,922:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:11 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001LTIsPlZElUfnBFFXwi6MZJgTUy2QkMlxBOonshpi6C8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “nexus.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/u72BPg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/XmUVcw”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
}
]
}
2020-04-17 11:50:11,923:DEBUG:acme.client:Storing nonce: 0001LTIsPlZElUfnBFFXwi6MZJgTUy2QkMlxBOonshpi6C8
2020-04-17 11:50:14,926:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:14,928:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690550:
{
“protected”: “eyJub25jZSI6ICIwMDAxTFRJc1BsWkVsVWZuQkZGWHdpNk1aSmdUVXkyUWtNbHhCT29uc2hwaTZDOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MCIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “xPxfW35BnPRyCAciV8mUijTE4GD4a1JDWrprzV78QdgC3Coy2ylZquwy-VxQPOQBD5HnUmnqYu4S_8f8kAS_8t87h0eOXrIOv7C6Ngkk6UrXDObD5I2m4JqCK7f1LllQ62cJgaHaTveg-VsPo6G8fRhKa-cbinp9OjYlWJUd5arCHAox8sQ_tUU4ZNzQpz7ocZx3n3Q_SFIOF-UDEgJA6Vr6EbJX5GqkQps_4Ba1JsU_PFBLvpFQb1NXWo2NHdtr
D6zl_WAdq2ik0DHQ56WfA48UZBy-alZVlAscUW2YPUDiB9nOwrOBYh6kSE6lCnZwmaqrwlVgCJdKwjaOmT-N6w”
}
2020-04-17 11:50:15,071:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690550 HTTP/1.1” 200 795
2020-04-17 11:50:15,071:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:15 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001ixpIG73t4FrkGqV55V66wEEqT9ZAtY4jgRBKvlI2Q7c
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “docker.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/1kYk9g”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/e9VlPg”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
}
]
}
2020-04-17 11:50:15,071:DEBUG:acme.client:Storing nonce: 0001ixpIG73t4FrkGqV55V66wEEqT9ZAtY4jgRBKvlI2Q7c
2020-04-17 11:50:15,072:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:15,073:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690552:
{
“protected”: “eyJub25jZSI6ICIwMDAxaXhwSUc3M3Q0RnJrR3FWNTVWNjZ3RUVxVDlaQXRZNGpnUkJLdmxJMlE3YyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “rvItRN2jRA6EpeSKu_uBTEmnjhiGcrUbVHtaBf9x-rWGFkmuP8jaxp7QOBqCcxoA1dDbHaMzX4M5S5agKRGeh2mVvr-vwMaw6NffeXbZqx6jyzVgBUv1gri1dbCZsJftmz3ftVo7M8st9X3SG3eqnAMo5CbVxdTfFVe6ECXkFuLDvEjdnZies1TgMS36PIHjttK8AdznOJvb8Sfx-JBWnzfxJ_3GeoN3EYRD85N7JglfpekrXK0Y4I6VS6w7RIYG
_EhdC6ET0nsU315iSFaGtMZ2oSddqNbrEth9DSkGPdobcYPw1RIBMPjSg6eG37HeTFB8LLvvLOEB-4-ft8UrUQ”
}
2020-04-17 11:50:15,219:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690552 HTTP/1.1” 200 794
2020-04-17 11:50:15,220:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:15 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0002Wu0xoHNCKu4pIsO4aJmSkPxEPdxgMVQpJOrPqkgQ9l4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “nexus.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/u72BPg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/XmUVcw”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
}
]
}
2020-04-17 11:50:15,220:DEBUG:acme.client:Storing nonce: 0002Wu0xoHNCKu4pIsO4aJmSkPxEPdxgMVQpJOrPqkgQ9l4
2020-04-17 11:50:18,224:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:18,226:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690550:
{
“protected”: “eyJub25jZSI6ICIwMDAyV3UweG9ITkNLdTRwSXNPNGFKbVNrUHhFUGR4Z01WUXBKT3JQcWtnUTlsNCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MCIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “TP1iM5ys1y7b5Co93DSp5VkFoY5uq94Qp2fRp8JD4abVdNn1uBXcoZYgo0XRwa9ym88TZ5y82Xo9OVOQ8j_1zCwDKT8OtQ0jn-Y2e2GRoAn2e1j6ydZD2e7ORYPTly4GG4YkMhqhDLbNeAuI7eE_cika_q7oTJkgyVi-CDaJSty_npCFxRCjR38AvrEygEKg1-dEmf7_v9OOeEPXnFdq9r_4S8L75VvEQcZw-3X4WQ_j4f3ZzoqGvhosYBPC_yw2
giccaL8Y2tYty10oXPtno8bHmvMaMiFkDi1XAMMdX8G0YD4X4HMZS6tTrHMUWRvfleRWke0qll-47DxJluC_6w”
}
2020-04-17 11:50:18,408:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690550 HTTP/1.1” 200 795
2020-04-17 11:50:18,409:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:18 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 00029J4a7RcKaHX–9UkZyHLQp77iA76iz_2R5CHA7r9gfY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “docker.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/1kYk9g”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/e9VlPg”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”
}
]
}
2020-04-17 11:50:18,409:DEBUG:acme.client:Storing nonce: 00029J4a7RcKaHX–9UkZyHLQp77iA76iz_2R5CHA7r9gfY
2020-04-17 11:50:18,409:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:18,411:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690552:
{
“protected”: “eyJub25jZSI6ICIwMDAyOUo0YTdSY0thSFgtLTlVa1p5SExRcDc3aUE3Nml6XzJSNUNIQTdyOWdmWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “W3Nyt0CBOmBOIX1LJKD3EiJ8KcfsN8vJJTSFckHYVeRJg6q62h5iwKkJ1Raja0_EMVYgn5q3obl_TiiVE2e7OSPYJPDp4HWCdRDlBnf_hs2s2vQltZMMVJfomY5JJjScgwRVR8ULqi_kAB5tQznZnRkPKggKApMQ1vin8tg2n3tF4roTW4vOHXUXOjwQpyTd6VnMYmiXpcojtNcRG3ebtE44CxJou8Hc6q7qD64oNFjq3ImZSSuF0ZGgBuANVXRv
ehHj7Zvk0G4trmrnEzWE3scK3ZLDuEUgSVKRRiqGLfs7fXXqYlSqvNd09yEx0ZsEij0GOU97G3US2XQH4Ej6nw”
}
2020-04-17 11:50:18,805:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690552 HTTP/1.1” 200 794
2020-04-17 11:50:18,806:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:18 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0001vkGbZLhbOS38A7fx21QgrOfkcN2ibRRhS_fkFJOEAUQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “nexus.nuvolar.eu”
},
“status”: “pending”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “dns-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/u72BPg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
},
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/XmUVcw”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”
}
]
}
2020-04-17 11:50:18,806:DEBUG:acme.client:Storing nonce: 0001vkGbZLhbOS38A7fx21QgrOfkcN2ibRRhS_fkFJOEAUQ
2020-04-17 11:50:21,809:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:21,811:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690550:
{
“protected”: “eyJub25jZSI6ICIwMDAxdmtHYlpMaGJPUzM4QTdmeDIxUWdyT2ZrY04yaWJSUmhTX2ZrRkpPRUFVUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MCIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “ET3F0dHSWTYSLncpf3Sc497lt6ugwo5RApIYJRZ3pexwhTmYdFzNibgzR-O7aRGD1f30QyRWw2Jz2GDEqYp7-7javNQQk2p-m8yTPLompkb9kQPLXUnVPPHjTCnb7_M-rCGBBtTuIlo86Gt7Dn-J7bwQbzY5ZoG5abti5bn0yddfL-pSyJant1E0PEuuHeun8vTcRjGCzoJYdCsz5dLgpGOkRqiwzmYPRg8wG-r7CNLuZcT5kPzIyrGLXg2VFsX-
YlAT0l0uG-EwSL_s7UYQMwh73IiRM8xG3oE_CnvKHDcX91MAvdEIFmGaihyC8-o51xaBUkCm_AWWQM1jM7iRxw”
}
2020-04-17 11:50:21,959:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690550 HTTP/1.1” 200 1006
2020-04-17 11:50:21,960:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:21 GMT
Content-Type: application/json
Content-Length: 1006
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0002ydmdsBxXCf6kZZn5kfWHVp5Dx5gAtIJ1dIzt8qp_GlI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “docker.nuvolar.eu”
},
“status”: “invalid”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching http://docker.nuvolar.eu/.well-known/acme-challenge/DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw: Timeout during connect (likely firewall problem)”,
“status”: 400
},
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690550/EZ371w”,
“token”: “DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”,
“validationRecord”: [
{
“url”: “http://docker.nuvolar.eu/.well-known/acme-challenge/DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw”,
“hostname”: “docker.nuvolar.eu”,
“port”: “80”,
“addressesResolved”: [
“52.47.138.221”
],
“addressUsed”: “52.47.138.221”
}
]
}
]
}
2020-04-17 11:50:21,960:DEBUG:acme.client:Storing nonce: 0002ydmdsBxXCf6kZZn5kfWHVp5Dx5gAtIJ1dIzt8qp_GlI
2020-04-17 11:50:21,960:DEBUG:acme.client:JWS payload:

2020-04-17 11:50:21,962:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/4013690552:
{
“protected”: “eyJub25jZSI6ICIwMDAyeWRtZHNCeFhDZjZrWlpuNWtmV0hWcDVEeDVnQXRJSjFkSXp0OHFwX0dsSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvNDAxMzY5MDU1MiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83MTE5
MDA2MCIsICJhbGciOiAiUlMyNTYifQ”,
“payload”: “”,
“signature”: “EvhvdLtBkRxzQ9HZJIZnWYnEv_r6pbNZE5mBnVSLK_ptCxdOjliHr-ObYdGOzjN3BUNSWogQe1uXJFM9AWiKrxV9hUnfmlppHijzsp5o_pj4hgSGXJz52H7nPLmXlOxHhpLDHHe7fQEqL5Y7Daxdd2MAItFXhMCtAGs-mvBp9BzuDKmiooRMCFh24rCOzzrOu6Ov0R0I7ZWMMchY8kBGpbp9aGoa4lTRKMEMAVE_Z_9fbZX_rehp7B39q1H1_QhQ
yGHlxhKFWczzcpFH9iW-k1rcN_w6mSoXDBOJj5Qq9qZN75nmEaWOmZ_8ysatmVgSdvkzUQkO8QOWuEx4KS7BhQ”
}
2020-04-17 11:50:22,104:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “POST /acme/authz-v3/4013690552 HTTP/1.1” 200 1002
2020-04-17 11:50:22,104:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 17 Apr 2020 11:50:22 GMT
Content-Type: application/json
Content-Length: 1002
Connection: keep-alive
Boulder-Requester: 71190060
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel=“index”
Replay-Nonce: 0002wdrxsQppUBV2DKq_Qyr3OCYrqSwepGhQCoBK6vKTvqA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
“identifier”: {
“type”: “dns”,
“value”: “nexus.nuvolar.eu”
},
“status”: “invalid”,
“expires”: “2020-04-24T11:50:09Z”,
“challenges”: [
{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching http://nexus.nuvolar.eu/.well-known/acme-challenge/y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc: Timeout during connect (likely firewall problem)”,
“status”: 400
},
“url”: “https://acme-v02.api.letsencrypt.org/acme/chall-v3/4013690552/dwYyxg”,
“token”: “y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”,
“validationRecord”: [
{
“url”: “http://nexus.nuvolar.eu/.well-known/acme-challenge/y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc”,
“hostname”: “nexus.nuvolar.eu”,
“port”: “80”,
“addressesResolved”: [
“52.47.138.221”
],
“addressUsed”: “52.47.138.221”
}
]
}
]
}
2020-04-17 11:50:22,105:DEBUG:acme.client:Storing nonce: 0002wdrxsQppUBV2DKq_Qyr3OCYrqSwepGhQCoBK6vKTvqA
2020-04-17 11:50:22,105:WARNING:certbot._internal.auth_handler:Challenge failed for domain docker.nuvolar.eu
2020-04-17 11:50:22,105:WARNING:certbot._internal.auth_handler:Challenge failed for domain nexus.nuvolar.eu
2020-04-17 11:50:22,106:INFO:certbot._internal.auth_handler:http-01 challenge for docker.nuvolar.eu
2020-04-17 11:50:22,106:INFO:certbot._internal.auth_handler:http-01 challenge for nexus.nuvolar.eu
2020-04-17 11:50:22,106:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server:

Domain: docker.nuvolar.eu
Type: connection
Detail: Fetching http://docker.nuvolar.eu/.well-known/acme-challenge/DTF6pDfdCVybeJn4TID7joRSfN9NCxPATUxDKgciBGw: Timeout during connect (likely firewall problem)

Domain: nexus.nuvolar.eu
Type: connection
Detail: Fetching http://nexus.nuvolar.eu/.well-known/acme-challenge/y-B_3bKlieUnOYJp_oFjdUPH4FUJZDYBg8_zhaIbYPc: Timeout during connect (likely firewall problem)

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preve
nting the server from communicating with the client. If you’re using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2020-04-17 11:50:22,106:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 180, in _poll_authorizations
raise errors.AuthorizationError(‘Some challenges have failed.’)
AuthorizationError: Some challenges have failed.

2020-04-17 11:50:22,107:DEBUG:certbot._internal.error_handler:Calling registered functions
2020-04-17 11:50:22,107:INFO:certbot._internal.auth_handler:Cleaning up challenges
2020-04-17 11:50:22,107:DEBUG:certbot._internal.plugins.standalone:Stopping server at :::80…
2020-04-17 11:50:22,306:WARNING:certbot._internal.renewal:Attempting to renew cert (docker.nuvolar.eu) from /etc/letsencrypt/renewal/docker.nuvolar.eu.conf produced an unexpected error: Some challenges have failed… Skipping.
2020-04-17 11:50:22,307:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/renewal.py”, line 448, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 1176, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 116, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/renewal.py”, line 306, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/client.py”, line 344, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/client.py”, line 391, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 180, in _poll_authorizations
raise errors.AuthorizationError(‘Some challenges have failed.’)
AuthorizationError: Some challenges have failed.

2020-04-17 11:50:22,307:ERROR:certbot._internal.renewal:All renewal attempts failed. The following certs could not be renewed:
2020-04-17 11:50:22,307:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/docker.nuvolar.eu/fullchain.pem (failure)
2020-04-17 11:50:22,308:ERROR:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/local/bin/certbot”, line 11, in
sys.exit(main())
File “/usr/local/lib/python2.7/site-packages/certbot/main.py”, line 15, in main
return internal_main.main(cli_args)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 1347, in main
return config.func(config, plugins)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 1255, in renew
renewal.handle_renewal_request(config)
File “/usr/local/lib/python2.7/site-packages/certbot/_internal/renewal.py”, line 473, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)

1 Like
4

I get “connection refused” for port 443 and a timeout for port 80. It seems it’s not open. Can you check all the firewall rules, security groups, forwarding stuff…?

1 Like
5

Screenshot 2020-04-19 at 02.34.28
Screenshot 2020-04-19 at 02.34.281918×258 18 KB

I attach the AWS security group inbound rules I use. Both ports are open and available.
I use the standalone configuration since the server I am running is serving on ports 8088 and 8443 and is not ‘supported’ by certbot (Nexus Repository Manager).

I renewed the certificate not that long ago without any issues with the exact same configuration.

6

Screenshot 2020-04-19 at 02.34.40
Screenshot 2020-04-19 at 02.34.401780×160 6.72 KB

(I cannot post more than one image)

7

Problem solved. Ports were open but bound. That’s why certbot was not getting the response.
Thanks.

8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.