ConnectionError: HTTPSConnectionPool(host=’acme-v02.api.letsencrypt.org’, port=443)

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: dendietcontrung.net

I ran this command: /opt/letsencrypt/certbot-auto certonly –standalone

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
An unexpected error occurred:
ConnectionError: HTTPSConnectionPool(host=’acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(‘: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution’,))
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version): Cloud server

The operating system my web server runs on is (include version): Linux

My hosting provider, if applicable, is: Viettel idc

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Is the server’s DNS resolver working?

If you run “dig acme-v02.api.letsencrypt.org” or “dig www.google.com”, what’s the output?

When i run “dig acme-v02.api.letsencrypt.org” the output is

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> acme-v02.api.letsencrypt.org
;; global options: +cmd
;; connection timed out; no servers could be reached

When i run “dig www.google.com” the out is"
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12301
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com. IN A

;; ANSWER SECTION:
www.google.com. 300 IN A 172.217.194.106
www.google.com. 300 IN A 172.217.194.103
www.google.com. 300 IN A 172.217.194.104
www.google.com. 300 IN A 172.217.194.105
www.google.com. 300 IN A 172.217.194.147
www.google.com. 300 IN A 172.217.194.99

;; Query time: 27 msec
;; SERVER: 115.84.181.20#53(115.84.181.20)
;; WHEN: Sat Apr 27 11:59:41 +07 2019
;; MSG SIZE rcvd: 128

Please advise

That’s strange.

What happens if you try “dig acme-v02.api.letsencrypt.org” several times, and:

dig eff.org
dig golang.org
dig letsencrypt.org
dig mozilla.org

Hi @luongtienltc

looks like your local dns is buggy. May be a problem of your configuration, may be a problem of your hoster.

Do you have an old, now wrong hosts - entry?

Perhaps add

23.63.149.194 acme-v02.api.letsencrypt.org
2a02:26f0:fc:290::3a8e: acme-v02.api.letsencrypt.org

in your hosts file.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.