Error with verify domain

Help
1

i execute the same procedure as usual

My domain is:ocsp.cie.interno.gov.it

the file published on my domain is correctly visible but when i try to find domain verify lets encrypt generate this output

Error: Domain challenge failed. Please start back at Step 1. {“identifier”:{“type”:“dns”,“value”:“ocsp.cie.interno.gov.it”},“status”:“invalid”,“expires”:“2020-06-04T10:25:45Z”,“challenges”:[{“type”:“http-01”,“status”:“invalid”,“error”:{“type”:“urn:ietf:params:acme:error:connection”,“detail”:“Fetching http://ocsp.cie.interno.gov.it/.well-known/acme-challenge/qiLhA3chw9fNchdq6dz7UTg-dFsmnWLwBNS1VrkdcXI: Timeout during connect (likely firewall problem)”,“status”:400},“url”:“https://acme-v02.api.letsencrypt.org/acme/chall-v3/4864520649/M9QlFw",“token”:“qiLhA3chw9fNchdq6dz7UTg-dFsmnWLwBNS1VrkdcXI”,“validationRecord”:[{“url”:“http://ocsp.cie.interno.gov.it/.well-known/acme-challenge/qiLhA3chw9fNchdq6dz7UTg-dFsmnWLwBNS1VrkdcXI”,“hostname”:“ocsp.cie.interno.gov.it”,“port”:“80”,“addressesResolved”:[“2.42.225.135”],“addressUsed”:"2.42.225.135”}]}]}

My web server is (include version):
Server version: Apache/2.2.15 (Unix)
Server built: Nov 18 2016 23:48:55
Server’s Module Magic Number: 20051115:25
Server loaded: APR 1.3.9, APR-Util 1.3.9
Compiled using: APR 1.3.9, APR-Util 1.3.9
Architecture: 64-bit

The operating system CentOS release 6.7 (Final)

My hosting provider, if applicable, is: Vodafone

I can login to a root shell on my machine (yes or no, or I don’t know):no

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): i dont use certbot

1 Like
2

Hi @alessandro

read your output:

There is no answer, your port 80 is dead. Rechecked - https://check-your-website.server-daten.de/?q=ocsp.cie.interno.gov.it - same picture:

Domainname Http-Status redirect Sec. G
http://ocsp.cie.interno.gov.it/ 2.42.225.135 -14 10.030 T
Timeout - The operation has timed out
https://ocsp.cie.interno.gov.it/ 2.42.225.135 -14 10.000 T
Timeout - The operation has timed out
http://ocsp.cie.interno.gov.it/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.42.225.135 -14 10.037 T
Timeout - The operation has timed out

Timeouts.

A working port 80 is required if you want to create a certificate.

May be someone has changed the firewall.

1 Like
3

nothing has changed in fw and port 80 listen correctly.

i write that the file published on web in the folder .well-known/acme-challenge is correctly visible

4

if you try this url

http://ocsp.cie.interno.gov.it/.well-known/acme-challenge/qiLhA3chw9fNchdq6dz7UTg-dFsmnWLwBNS1VrkdcXI

you must see the file published in webserver

5

No, I have a timeout.

Use the online tool to check the complete url. If the online tool can't see your content, Letsencrypt can't validate your domain.

1 Like
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.