Please fill out the fields below so we can help you better.
My domain is:office.limefamily.cn
I ran this command: sudo certbot certonly --standalone
It produced this output: The server could not connect to the client to verify the domain :: Failed to connect to 124.207.241.1:443 for TLS-SNI-01 challenge
My operating system is (include version):CentOS 7
My web server is (include version):nginx 1.11
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
I doubt if let`s encrypt server can reach my site.Can someone ping it,and let me konw.
Your connection is pretty slow from the U.S. It’s possible to ping your server, though.
The errors resulting from trying to connect to ports 80 and 443 are different from the errors from trying to connect to other ports, suggesting a possible firewall somewhere in the path. I’ve read that some Chinese ISPs restrict the ability for customers to receive inbound connections on ports 80 or 443, so you might want to check if this is the case for your ISP.
Assuming you’re running tcpdump on the server, if your server didn’t ACK the inbound SYN, isn’t that likely to be a configuration problem of some kind with the server?