Failed Authorizaion procedure

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I wanted to renew my certificate and I get this error:

Requesting to rerun ./certbot-auto with root privileges…
[sudo] password for panipro:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):
Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:ietf:params:acme:e rror:connection :: The server could not connect to the client to verify the doma in :: Fetching YvnzEilqFztRK2gfG446sN9AjcI: Timeout during connect (likely firewall problem)


  • The following errors were reported by the server:

    Type: connection
    Detail: Fetching K2gfG446sN9AjcI:
    Timeout during connect (likely firewall problem)

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.

It seems like UPC (your ISP) is blocking port 80 to your server.

If not, perhaps check your firewall and port forwarding.

2 Likes times out. responds (using an expired certificate).

Do you have a firewall blocking port 80? Does your ISP? has an IP address on the same subnet, and it works, so it seems the ISP doesn’t have a total blackout on port 80.

1 Like

I’m gonna try adding a rule for the port 80
Thank you

Thank you both @mnordhoff and @_az it was indeed the problem with the port 80, I did the renew of my certificate no problem.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.