Failed authorization procedure - Could not connect to

My domain is:

I ran this command:
certbot certonly --webroot -w /var/lib/tomcat8/webapps/ROOT -d -d

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
http-01 challenge for
Using the webroot path /var/lib/tomcat8/webapps/ROOT for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to, (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to

 - The following errors were reported by the server:

   Type:   connection
   Detail: Could not connect to

   Type:   connection
   Detail: Could not connect to

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

My operating system is (include version):
Distributor ID: Ubuntu
Description: Ubuntu 17.04
Release: 17.04
Codename: zesty

My web server is (include version):
Using CATALINA_BASE: /usr/share/tomcat8
Using CATALINA_HOME: /usr/share/tomcat8
Using CATALINA_TMPDIR: /usr/share/tomcat8/temp
Using JRE_HOME: /usr
Using CLASSPATH: /usr/share/tomcat8/bin/bootstrap.jar:/usr/share/tomcat8/bin/tomcat-juli.jar
Server version: Apache Tomcat/8.0.38 (Ubuntu)
Server built: Mar 28 2017 23:47:32 UTC
Server number:
OS Name: Linux
OS Version: 4.9.15-x86_64-linode81
Architecture: amd64
JVM Version: 1.8.0_121-8u121-b13-4-b13
JVM Vendor: Oracle Corporation

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Current emotional state:
A little sad due to above error. :frowning:

Tomcat Connector (defaults, I believe):

<Connector port="8080" protocol="HTTP/1.1"
		   redirectPort="8443" />

More Details:

Following guide:
Added test.txt to .well-known and it is visible in my browser:
Accepted HTTP on port 80. Not accepting HTTPS on 443, yet. Port 80 is being forwarded to 8080. Port 443 is being forwarded to 8443.

As of right now, i can’t access either.

*   Trying 2600:3c01::f03c:91ff:fe56:2776...
* connect to 2600:3c01::f03c:91ff:fe56:2776 port 80 failed: Connection refused
*   Trying
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
... blah blah blah ...
  0     0    0     0    0     0      0      0 --:--:--  0:02:09 --:--:--     0
* connect to port 80 failed: Connection timed out
* Failed to connect to port 80: Connection timed out

Are you sure your DNS records are correct, all the software is running and listening on the right IPs, a firewall isn’t interfering, etc?

Turns out it was the firewall. I think I set it up a little too aggressively. Looks like it succeeded! :slight_smile:

Thanks for the response! Hopefully no more problems…

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.