Error getting validation data

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.schymanski.eu

I ran this command: certbot --apache -d www.schymanski.eu

It produced this output:
Failed authorization procedure. www.schymanski.eu (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.schymanski.eu/.well-known/acme-challenge/YlmuA9NE6eN-keL4JClS_j-K_NjMJvUnmCs7era0GJo: Error getting validation data

My web server is (include version):
Server version: Apache/2.4.38 (Debian)
Server built: 2021-06-10T10:13:06

The operating system my web server runs on is (include version): Debian 4.19.194-3 (2021-07-18) x86_64 GNU/Linux

My hosting provider, if applicable, is: onyx.de

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0

I am running a local server and using redirection through cloudns.net. Thanks already for your help!!

Hi @schymans and welcome to the LE community forum

What is the rest of that message?

Note: You need a working HTTP site before you can secure it (via HTTP authentication method).

Hi @rg305,
Thanks a lot for the quick reply and sorry for my incomplete description. On www.schymanski.eu I only have the default apache2 welcome page. What I really care about is www.schymanski.eu/nextcloud.
Actually, it seems that certbot is trying to connect to http://www.schymanski.eu, but that one was deactivated earlier in favour of https. I can connect to the https-address after I accept the security risk due to a self-signed certificate.

Here is the full error message:
$ sudo certbot --apache -d www.schymanski.eu
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.schymanski.eu
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.schymanski.eu (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.schymanski.eu/.well-known/acme-challenge/YlmuA9NE6eN-keL4JClS_j-K_NjMJvUnmCs7era0GJo: Error getting validation data

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: www.schymanski.eu
  Type: connection
  Detail: Fetching
  http://www.schymanski.eu/.well-known/acme-challenge/YlmuA9NE6eN-keL4JClS_j-K_NjMJvUnmCs7era0GJo:
  Error getting validation data

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address. Additionally, please check that
  your computer has a publicly routable IP address and that no
  firewalls are preventing the server from communicating with the
  client. If you're using the webroot plugin, you should also verify
  that you are serving files from the webroot path you provided.

I just checked here: https://check-your-website.server-daten.de/?q=schymanski.eu

"If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask."

Here I am!

Actually, it wasn't that my ISP was blocking port 80, but just didn't open it. Now I opened port 80 in my router, and the error message went away.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.