Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
I request certificate from Webmin Configuration > Let’s Encryp > Request Certificate
It produced this output:
webmin.yriver-tech.com challenge did not pass: Fetching http://webmin.yriver-tech.com/.well-known/acme-challenge/fxh1geix1L7ECmXKWDFzpY5ngVaWrSk0JtKs9YCZ9-s: Connection refused
My web server is (include version):
Webmin version 1.900
The operating system my web server runs on is (include version):
Webmin version 1.900
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I can login to the Webmin admin with root and alternate root
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
This shows me that port 80 is not responding to LE requests.
[perhaps blocked by the ISP or firewall]
Which I can confirm from my own system:
--2019-02-13 02:44:35-- http://webmin.yriver-tech.com/.well-known/acme-challenge/1234
Resolving webmin.yriver-tech.com (webmin.yriver-tech.com)... 188.8.131.52
Connecting to webmin.yriver-tech.com (webmin.yriver-tech.com)|184.108.40.206|:80... failed: Connection timed out.
To make things worse, even port 443 is unresponsive/blocked.
Now I'm thinking Geo-Location blocking is in enabled.
You would have to allow at least port 80 access to validate the cert.
OR use something like DNS validation.
[if this is a very restricted system]
I tried with DNS Validation but receive below error. Can you help?
Requesting a new certificate for webmin01.yriver-tech.com, using DNS validation …
… request failed : Neither DNS zone webmin01.yriver-tech.com or any of its sub-domains exist on this system
DNS validation would require a TXT record be created in the Internet zone for the FQDN as:
The authoritative DNS server is at IP 220.127.116.11:
nslookup -q=ns yriver-tech.com
ns1.yriver-tech.com internet address = 18.104.22.168
ns2.yriver-tech.com internet address = 22.214.171.124
Unfortunately I’m not familiar with how to instruct Webmin to handle DNS authentication.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.