It produced this output:
Domain: tdev.probot.us
Type: connection
Detail: Failed to connect to 24.6.90.91:443 for TLS-SNI-01 challenge
My operating system is (include version):
ubuntu
My web server is (include version):
express
My hosting provider, if applicable, is:
aws
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
So, I’m a bit confused about how letsencrypt can try to verify a domain using port 443 when I’m trying to create a certificate for that domain that would allow it to run on port 443. Port 80 is working fine.
You can validate a domain using the existing web server on port 80 (or 443).
You could also validate a domain using a DNS challenge (although the official certbot doesn’t support that currently, but a number of the alternate clients do).
To use certbot in standalone mode, you need to turn off any current web pages. You also need to ensure that no firewall is blocking access.
This plugin needs to bind to port 80 or 443 in order to perform domain validation, so you may need to stop your existing webserver. To control which port the plugin uses, include one of the options shown below on the command line.
--standalone-supported-challenges http-01 to use port 80
--standalone-supported-challenges tls-sni-01 to use port 443
Great. Thanks! That was part of the magic. Since I was on a different machine I had to use --manual and create the file in the proper place. But it eventually worked. Appreciate it!
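Serving the manual http-01 file from the existing Node/Express server on port 80, shown as an added example that is not part of the original thread. It assumes the standard ACME http-01 path `/.well-known/acme-challenge/<token>`; the function names and the sample token and content are hypothetical.

```javascript
// Added example: answer ACME http-01 validation requests from the running
// site instead of stopping it. Uses only core ServerResponse methods, so it
// works as Express middleware or inside a plain Node http handler.
const ACME_PREFIX = '/.well-known/acme-challenge/';
const TOKEN_RE = /^[A-Za-z0-9_-]+$/; // base64url alphabet only

// `challenges` is a Map of token -> file content that the ACME client
// (for example certbot --manual) tells you to publish.
// Returns null when the path is not an ACME challenge path at all.
function resolveChallenge(urlPath, challenges) {
  const path = urlPath.split('?')[0];
  if (!path.startsWith(ACME_PREFIX)) return null;
  const token = path.slice(ACME_PREFIX.length);
  // Anything outside the token alphabet is refused, which rules out "../"
  // and percent-encoded traversal; this route can only return known tokens.
  if (!TOKEN_RE.test(token) || !challenges.has(token)) {
    return { status: 404, body: 'not found' };
  }
  return { status: 200, body: challenges.get(token) };
}

function acmeHttp01(challenges) {
  return function (req, res, next) {
    const answer = req.method === 'GET'
      ? resolveChallenge(req.url, challenges)
      : null;
    if (answer === null) return next(); // not ours: let the site handle it
    res.statusCode = answer.status;
    res.setHeader('Content-Type', 'text/plain');
    res.end(answer.body);
  };
}

// Constructed sample values, not real ACME data.
const SAMPLE = new Map([
  ['tok_EXAMPLE-123', 'tok_EXAMPLE-123.thumbprint_EXAMPLE'],
]);

// Express usage (register before other routes on the port-80 listener):
//   app.use(acmeHttp01(SAMPLE));
```

The validation request arrives from the CA over plain HTTP on port 80, so the middleware has to be registered on that listener and the port has to be reachable through the firewall or security group.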