Failed authorization procedure. itsnikolay.ru (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 178.62.204.132:443 for TLS-SNI-01 challenge
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: itsnikolay.ru
Type: connection
Detail: Failed to connect to 178.62.204.132:443 for TLS-SNI-01
challenge
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
I made sure of those tips by running the following command:
Sorry, Monit runs Nginx
Now I disabled Monit and Nginx, but the same stuff is still here:
❯ curl -I http://itsnikolay.ru:443
curl: (7) Failed to connect to itsnikolay.ru port 443: Connection refused
❯ sudo letsencrypt certonly \
--standalone \
-d itsnikolay.ru
Failed authorization procedure. itsnikolay.ru (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 178.62.204.132:443 for TLS-SNI-01 challenge
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: itsnikolay.ru
Type: connection
Detail: Failed to connect to 178.62.204.132:443 for TLS-SNI-01
challenge
Could you have any kind of firewall that either (1) prevents certain programs from listening on port 443, or (2) prevents certain IP addresses from making inbound connections to your server?
Note that if this isn’t possible, the DNS challenge type can sometimes help – it’s supported by several of the bash clients and now by Certbot in 0.9.0 and later versions. But you would have to be able to update DNS records for the subject domain from the machine where you’re running whichever Let’s Encrypt client.
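One way to tell the two firewall cases in the reply above apart, as an added example that is not part of the original thread or of any Let's Encrypt client: hold the port open on the server the way a standalone client would, then probe it from a machine outside the network. The `listen` and `probe` mode names and the function names are assumptions made for this sketch.

```python
import socket
import sys
import time

def probe(host, port, timeout=5.0):
    """Classify one TCP connect attempt to host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"       # RST received: nothing listening, or a REJECT rule
    except socket.timeout:
        return "filtered"      # no reply at all: packets are being dropped
    except OSError:
        return "unreachable"   # DNS failure, no route, etc.

def open_listener(bind_addr, port):
    """Bind a throwaway TCP listener, as a standalone client does during validation."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((bind_addr, port))   # raises OSError if the port is taken or not permitted
    srv.listen(5)
    return srv

def main(argv):
    # Hypothetical CLI for this sketch:
    #   listen PORT [SECONDS]   on the server (root is needed for port 443)
    #   probe HOST PORT         from a machine outside the server's network
    if len(argv) >= 3 and argv[1] == "listen":
        hold = int(argv[3]) if len(argv) > 3 else 60
        try:
            srv = open_listener("0.0.0.0", int(argv[2]))
        except OSError as exc:
            print("cannot listen:", exc)   # case (1): local bind is blocked or port in use
            return 1
        print("listening for %d s; run the probe from outside now" % hold)
        time.sleep(hold)
        srv.close()
        return 0
    if len(argv) == 4 and argv[1] == "probe":
        result = probe(argv[2], int(argv[3]))
        print(argv[2], argv[3], result)    # not "open" while listening: case (2)
        return 0 if result == "open" else 2
    print("usage: listen PORT [SECONDS] | probe HOST PORT")
    return 64

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A "refused" result with no listener running is expected and says nothing about the firewall, so the outside probe only means something while the `listen` side is holding the port.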