Failed authorization procedure.


Please fill out the fields below so we can help you better.

My domain is:

I ran this command: certbot-auto --apache -d

It produced this output: Failed authorization procedure. (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to conect to for TLS-SNI-01 challege

My operating system is (include version): Ubuntu server 16.04

My web server is (include version): apache2 2.4

My hosting provider, if applicable, is: hosting from virtualbox

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): webmin


How is the network for VirtualBox configured? Direct host? NAT? Something else?

Looks like port 443 doesn’t reach the server.


bridged connection with a static ip

However for a strange reason website can be visited by using and

In my router setting I had to provide port forwarding so I put my ubuntu server ip address which is and after that for some reason both ip can be used to go on website, is that the issue?


So it looks like this, is that wrong?


Sorry only can put 1 image at the time


Is your DNS pointing to your server ?

If I check the IP from your DNS I get - which is the IP you listed in your error.

You say that the IP of your website is … so the two don’t agree. Which should it be ?


Looking at this a bit more - your website is on - but then you load a frame containing data from This won’t work for obtaining a certificate I’m afraid - you will need to either change the DNS, validate it on or use a DNS challenge ( rather than a http or tls challenge )


How I am going to do that? I showed you how my server is configured so do you know how to change that? I am also using webmin and laravel if that helps


I’m just seeing port 80. Am I complete blind? Because I don’t see port 443 anywhere. And the error explicitely (and I did too) mentions port 443.


dig +trace does result in :slight_smile: Perhaps some TTL or caching issue on your ISP’s (or somewhere in between) end.

Although now there’s nothing reachable on that IP address :laughing: : telnet: connect to address No route to host


u1358595 updated the DNS to point to the correct IP after my comments - hence why :wink:


Haha, this is because my webserver is turned off, I have it on my laptop and whenever I am outside my home network it doesn’t work. Apparently now I need to set up https but I have no clue how to do that :stuck_out_tongue:


I have reached my limit and I can’t send new messages for 3 hours…

I don’t know what I did, but I did it, what do I need to do next so I don’t break it?


You have the certificate, so you now need to install it in your control panel (webmin ) which will be something like …

Log into your Webmin control panel.
Select the virtual host that you want to secure.
Click on SSL options.
Click “Yes” on Enable SSL.
Select Certificate/Private key and browse to the location of the SSL certificate.
Select Private key file and browse to the location of the ssl private key file.
Save changes and return to the server index.
Restart necessary services (apache)


Hi, I did it with cerbot-auto --apache -d -d and it has created it, asked to make it available on both http and https, however it only works on http and on https I get connection timed out, webmin shows me something like this so I think its incorrect. Sorry for image, I am now away from home and I made it before I got out.


You shouldn’t really use “cerbot-auto --apache” when also using webmin I’m afraid. Since “cerbot-auto --apache” will make changes to the apache config - and webmin will also do the same. You need to add the certificate into webmin as I outlined above.

As for connecting on port 443, we can’t test as you are not at home, and your “webserver” is only online when you are at home.

I’d suggest checking that all your devices are port forwarding correctly (you can check that by just connecting internally with port 443). I’d also check that https is setup on apacche through webmin ( as listed in my previous post).


You see existing virtual hosts, should I just have 2. 1 for and 2 for, or 2 each one for port 80 one for port 443? I will do it tomorrow morning and we see if it works. But you said so specify file name however if you choose browse it gives me browsing for host only, so should I just specify path manually as it is on virtual host so /etc/whatever. And also I only have 1 config file called 000-default.conf do I need to make another one or both virtual host can use same one? Or one needs to be for port 80 and another for port 443


You need to decide if you are using webmin to configure your website, or you are doing it by manually editing the files. You will almost certainly end up in a mess if you do both.


But is it right that I have 4 virtual hosts, do address and port look fine? That’s what I am asking, and also if I go to a browser throught my host, I cannot choose a file path as my host is windows and certificates are on Linux server


You can set it up how you want to - as they are all going to the same files, I’d set it up more as one - see the webmin documentation on virtualhost

For the certificates, you can always copy them to your windows computer first.