Cleaning up challenges Problem binding to port 80: Could not bind to IPv4 or IPv6

charset · March 7, 2020, 11:00am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:https://getjapan.ru/

I ran this command: sudo -H ./letsencrypt-auto certonly --standalone --renew-by-default -d getjapan.ru -d www.getjapan.ru

It produced this output: Cleaning up challenges Problem binding to port 80: Could not bind to IPv4 or IPv6.

My web server is (include version): nginx/1.4.6 (Ubuntu)

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

next command
ss -tlnp | grep -E “:(80|443)”
the following returns to me
LISTEN 0 511 *:80 : users:((“nginx”,1296,24),(“nginx”,1295,24),(“nginx”,1294,24),(“nginx”,1293,24),( “nginx”,1292,24),(“nginx”,1291,24),(“nginx”,1290,24),(“nginx”,1289,24),(“nginx”, 1288,24),(“nginx”,1287,24),(“nginx”,1286,24),(“nginx”,1285,24),(“nginx”,1284,24) ,(“nginx”,1283,24),(“nginx”,1282,24),(“nginx”,1281,24),(“nginx”,1280,24))
LISTEN 0 511 :443 : users:((“nginx”,1296,26),(“nginx”,1295,26),(“nginx”,1294,26),(“nginx”,1293,26),( “nginx”,1292,26),(“nginx”,1291,26),(“nginx”,1290,26),(“nginx”,1289,26),(“nginx”, 1288,26),(“nginx”,1287,26),(“nginx”,1286,26),(“nginx”,1285,26),(“nginx”,1284,26) ,(“nginx”,1283,26),(“nginx”,1282,26),(“nginx”,1281,26),(“nginx”,1280,26))
LISTEN 0 511 :::80 ::: users:((“nginx”,1296,25),(“nginx”,1295,25),(“nginx”,1294,25),(“nginx”,1293,25),( “nginx”,1292,25),(“nginx”,1291,25),(“nginx”,1290,25),(“nginx”,1289,25),(“nginx”, 1288,25),(“nginx”,1287,25),(“nginx”,1286,25),(“nginx”,1285,25),(“nginx”,1284,25) ,(“nginx”,1283,25),(“nginx”,1282,25),(“nginx”,1281,25),(“nginx”,1280,25))

9peppe · March 7, 2020, 11:08am

where did you get this command? forget all about it.

certbot it complaining that port 80 is already bound by some other process, nginx. You can't and should not use --standalone if you are hosting a website on port 80.

you have two alternatives: use --nginx (easier) or use --webroot (read the certbot documentation)

and remove --renew-by-default, that means --force-renewal, it will renew your cert even if it's one hour old.

moreover, I don't know why you are using certbot certonly instead of certbot run or just certbot, which will install the cert and reload nginx too.

charset · March 7, 2020, 11:17am

Thanks. The problem was resolved as follows - nginx server and executed again. Everything has been updated.

Osiris · March 7, 2020, 1:03pm

Not sure what you mean by that. Did you stop nginx and ran the certbot command again? If so, why for the love of IPU, why? Like @9peppe said, it's probably WAY better to use the nginx plugin (you can use it just for authentication without the installing stuff with -a nginx) or the webroot plugin. That way there is no down-time.

Also, --renew-by-default SHOULD NOT BE USED AT ALL unless you're absolutely sure you need it to force an update. For example, with the whole revoking thingy recently.

charset · March 7, 2020, 7:17pm

I’ll check in a couple of days. Because stopping the server is not an option, I agree.

system · April 6, 2020, 7:17pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.