While trying to install the certificate, I get “Failed to connect to host for DVSNI challenge” error message. I tried this by using the standalone plugin command
sudo ./letsencrypt-auto certonly -a standalone -d xxx.yyyy.com --server https://acme-v01.api.letsencrypt.org/directory
My domain is hosted in AWS EC2. I have ensured that the ports 80 and 443 are open. I’ve also checked all the threads related to this subject with no luck. Need some help is resolving the issue.
Are you happy to provide the domain name ( so we can check DNS for possible issues ) and the full log ( preferably using the verbose flag). You can do that via pastebin if you like, to limit it’s time of availability if you prefer.
eas.intrado.com/EAS/ isn’t a FQDN (fully qualified domain name ), which if you are trying to obtain an SSL certificate for that, will be why it’s failing.
It looks like you’re using ELB. If your ELB instance is terminating SSL (as opposed to TCP passthrough), you won’t be able to use the TLS-SNI-01 challenge type, because that challenge involves changing your SSL configuration on the fly.
http-01 would work for your use-case. You can use this by adding --standalone-supported-challenges http-01 to your command. The client will listen on port 80 in that mode.
but getting an info like
"The Let’s Encrypt agent can obtain and install HTTPS/TLS/SSL certificates. By
default, it will attempt to use a webserver both for obtaining and installing
the cert. Major SUBCOMMANDS are:"