Connection refused on apache

Please fill out the fields below so we can help you better.

My domain is:

I ran this command: certbot --apache

It produced this output:
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Connection refused


  • The following errors were reported by the server:

    Type: connection
    Detail: Connection refused

My web server is (include version): apache 2.4.25, php 7.0

The operating system my web server runs on is (include version): raspian/debian 9.1 (lite no x11)

My hosting provider, if applicable, is: myself

I can login to a root shell on my machine (yes or no, or I don’t know): yes ssh/telnet

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Ensure the Internet has access to your system on port 443.
Perhaps a firewall is blocking?

I can telnet my web server from everywhere local/internet. It is the default raspian 9.1 stretch installation, I didn’t check if there is a firewall or not. I will
It is not easy to find prerequisites. As for Apache it is using tls, I have to allow 443 and 80. Do I need to have my own telnet server or is certbot shutting down web/telnet itself and using its own servers ?

So it looks that raspbian has not a firewall, and I configured my routeur to forward 80 & 443 port to my web server. 80 is working perfectly. I get wrong, telnet is using 23 not 443, sorry for the mistake but 443 was already forwarded.
I tried with “certbot-auto --apache”, I have the same error

Telnet test fails:

telnet 443
Connecting To…Could not open connection to the host, on port 443: Connect failed

Please show results for:
netstat -pant

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.