Failed authorization procedure. cloud.bohbotsystems.ca

My domain is: bohbotsystems.ca

I ran this command: install_certbot (https://github.com/nextcloud/vm/blob/master/lets-encrypt/activate-ssl.sh)

It produced this output:
Failed authorization procedure. cloud.bohbotsystems.ca (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://cloud.bohbotsystems.ca/.well-known/acme-challenge/AlISJ-42GHbRi-7O5lJiJ0mIo3T3LEDW2LBoy-s2i_k: Timeout during connect (likely firewall problem)

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: cloud.bohbotsystems.ca
    Type: connection
    Detail: Fetching
    http://cloud.bohbotsystems.ca/.well-known/acme-challenge/AlISJ-42GHbRi-7O5lJiJ0mIo3T3LEDW2LBoy-s2i_k:
    Timeout during connect (likely firewall problem)

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.

My web server is (include version): Apache2

The operating system my web server runs on is (include version): Ubuntu server 18.04.02 LTS

My hosting provider, if applicable, is: godaddy

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

As the error message suggests, your server doesn’t respond to traffic over port 80.

See: https://letsencrypt.org/docs/allow-port-80/

Some DuckDuckGo research suggests that Videotron intentionally blocks port 80 to stop people from hosting websites.

As such, your main alternative is to use DNS validation instead of HTTP validation.

Let’s Encrypt clients such as acme.sh support using DNS validation via GoDaddy DNS hosting, which your domain appears to use. That’s probably the best option for you.

2 Likes

Thank you for the reply,

I will look into that option but I think Vidéotron does allow port 80. If I type in my domain, I can see my page; you can try it at bohbotsystems.ca, and I can access it from outside my home network too.

I had this up and running before when I was with a different ISP that used Vidéotron’s services (Vidéotron is a monopoly company in Quebec so “others” must use their lines to sell their services).
Since I changed ISPs my IP changed and I wanted a larger, more powerful VM, so I upgraded it, causing me to restart from scratch. A little more info on the VM: it’s hosted on a DELL T710, 6 cores and 12 GB of RAM. Dedicated 120 GB SSD for OS and a dedicated 3 TB RAID 5 (4x1TB WD Reds) for data. Host OS is Windows Server 2019 Standard. Using Hyper-V to host this cloud service.

I have co-workers that have the same service as me but do not use Let’s Encrypt but Cloudflare and their SSL services, and they don’t have any issues hosting services from home.

The script I use is to host your own data cloud @ home; I’m trying to get away from Google and Microsoft services. The script validates ports 80 and 443 access and it comes up green and says it’s successful in reaching my domain on ports 80 and 443.

Thank you.

Hi @supra89t

as @_az wrote: Your port 80 is invisible, https answers with a bad request (checked via https://check-your-website.server-daten.de/?q=cloud.bohbotsystems.ca ):

| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| • http://cloud.bohbotsystems.ca/ 96.23.201.19 | -14 | | 10.026 | T |
| Timeout - The operation has timed out | | | | |
| • https://cloud.bohbotsystems.ca/ 96.23.201.19 | 400 | | 7.526 | N |
| Bad Request | | | | |
| Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors | | | | |
| • http://cloud.bohbotsystems.ca/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 96.23.201.19 | -14 | | 10.030 | T |
| Timeout - The operation has timed out | | | | |
| Visible Content: | | | | |

If it works locally, that isn’t really relevant. Use such online tools ( https://check-your-website.server-daten.de/ is my tool, https://letsdebug.net/ is from @_az) to check these things. Then you know if your website is visible.

Is there a firewall? Or a missing port forwarding?

Is this a regional blocking?

1 Like

For what it’s worth, I’m not a VideoTron customer but I am on another ISP in Quebec (Cogeco) and was also unable to access this website on port 80.
