The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): 220.127.116.11336
config checks failed to verify http://wxs.situ.edu.cn is both publicly accessible and can serve extensionless files e.g. http://wxs.situ.edu.cn/.well-known/acme-challenge/configcheck
how can I resolve it?
That's a precondition to use letsencrypt: it's necessary to have a publicly accessible web server, it makes no sense to have a public certificate if you don't have one. There are lot of possible reasons your site can't be accessed from Letsencrypt servers (and my computer too), and that's a problem very difficult to debug from the outside... If it's the notorious China firewall, I'm afraid that Letsencrypt can do nothing about it.
I have found the problem, which is really the cause of the firewall. I want to know which other ports besides 443 and 80 will be affected
After turning off the firewall, use netstat to check the port status. The certificate was updated successfully
Firewall open, 443 and 80 restrictions will not work even if removed, there should be other ports affecting certificate updates
Do you know?
for getting a certificate with the http challenge, your computer must be able to:
(1) receive connections on port 80 and 443, the 443 port encryption should work fully (not blocked by smart firewall)
(2) connect to the outside on port 443 (idem, encryption should not be blocked by smart firewall)
(3) be able to do dns requests (obviously, that’s a general condition to use internet)
If you can tick all that, I think you should be fine (that’s my personal experience, I’m not a Let’s encrypt engineer)
that’s not a certbot version number. These are max. 0.35 / 0.36.
What’s your client?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.