Failed to renew


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://joeandhope.asuscomm.com

I ran this command: Renew Certificate through Open Media Vault

It produced this output: 2018-05-27 15:30:44,626:WARNING:certbot.auth_handler:Challenge failed for domain joeandhope.asuscomm.com
2018-05-27 15:30:44,626:INFO:certbot.auth_handler:Cleaning up challenges
2018-05-27 15:30:44,627:DEBUG:certbot.plugins.webroot:Removing /srv/dev-disk-by-id-md-name-Joe-NAS-JoeHopeNAS/www/nextcloud/.well-known/acme-challenge/3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM
2018-05-27 15:30:44,627:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /srv/dev-disk-by-id-md-name-Joe-NAS-JoeHopeNAS/www/nextcloud/.well-known/acme-challenge
2018-05-27 15:30:44,627:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/NextCloud.conf produced an unexpected error: Challenges failed for all domains. Skipping.

My web server is (include version): nginx v1.10.3

The operating system my web server runs on is (include version): Debian 4.14.13 (Running Open Media Vault 4.1.4.0)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Open Media vault 4.1.4-1
I tried to paste my log but apparently new users only get 20 links, not sure what that means. Thanks.


#2

The log is full of URLs (your website, the Let’s Encrypt API, etc.) and the forum software has limits.

You should be able to post it now, but you can also upload it to a pastebin and link to that.


#3

Here is the full log

2018-05-27 15:30:40,878:DEBUG:certbot.main:Root logging level set at 20
2018-05-27 15:30:40,879:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-05-27 15:30:40,880:DEBUG:certbot.main:certbot version: 0.10.2
2018-05-27 15:30:40,880:DEBUG:certbot.main:Arguments: []
2018-05-27 15:30:40,880:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2018-05-27 15:30:40,892:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-05-31 03:14:54 UTC.
2018-05-27 15:30:40,892:INFO:certbot.renewal:Cert is due for renewal, auto-renewing…
2018-05-27 15:30:40,893:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2018-05-27 15:30:40,893:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f96f7266310>
Prep: True
2018-05-27 15:30:40,894:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f96f7266310> and installer None
2018-05-27 15:30:40,897:DEBUG:certbot.main:Picked account: <Account(a6939549b7eb32ce5759ca9569e24c97)>
2018-05-27 15:30:40,898:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2018-05-27 15:30:40,927:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2018-05-27 15:30:41,188:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 “GET /directory HTTP/1.1” 200 658
2018-05-27 15:30:41,189:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
Replay-Nonce: q9TUyxKnIEiImHOAI6hIZInmCu8fqacXSXxr8IJ_Tq8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 27 May 2018 15:31:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 27 May 2018 15:31:58 GMT
Connection: keep-alive

{
“fcyCzis_Lgc”: “Adding random entries to the directory”,
“key-change”: “https://acme-v01.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
letsencrypt.org
],
“terms-of-service”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org
},
“new-authz”: “https://acme-v01.api.letsencrypt.org/acme/new-authz”,
“new-cert”: “https://acme-v01.api.letsencrypt.org/acme/new-cert”,
“new-reg”: “https://acme-v01.api.letsencrypt.org/acme/new-reg”,
“revoke-cert”: “https://acme-v01.api.letsencrypt.org/acme/revoke-cert
}
2018-05-27 15:30:41,197:INFO:certbot.main:Renewing an existing certificate
2018-05-27 15:30:41,198:DEBUG:root:Requesting fresh nonce
2018-05-27 15:30:41,198:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
2018-05-27 15:30:41,281:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 “HEAD /acme/new-authz HTTP/1.1” 405 0
2018-05-27 15:30:41,282:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Replay-Nonce: v5ZkXBjA5xYoZCd8I7SXLb9_9TDeYjq7Jzm3RVvWIno
Expires: Sun, 27 May 2018 15:31:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 27 May 2018 15:31:58 GMT
Connection: keep-alive

2018-05-27 15:30:41,282:DEBUG:acme.client:Storing nonce: v5ZkXBjA5xYoZCd8I7SXLb9_9TDeYjq7Jzm3RVvWIno
2018-05-27 15:30:41,282:DEBUG:acme.client:JWS payload:
{
“identifier”: {
“type”: “dns”,
“value”: “joeandhope.asuscomm.com
},
“resource”: “new-authz”
}
2018-05-27 15:30:41,289:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
“header”: {
“alg”: “RS256”,
“jwk”: {
“e”: “AQAB”,
“kty”: “RSA”,
“n”: “0CSsepeyPI0WjNY-9rSxF_VCT1NuM2l4KmLROkHomwW-E4pZOmQPljtJvdlqfI9WvJVd7zCDAfTQ0C8LfBgJwXCmfbdV7vniP_eEx-LQm-fr3HgvI3KQrWFszZSBlVahm4_jJIbtHagwCmWvxBZBQa0CMTpgKkyurABawF5W5Pb9VOt4xdpPPYQxcHY8WLK5bO2R1cKONKXlciXZ3Ei46cfHUSHoQQJpfhtP9CHAMpMnzAVbFGi-JpVOrQitEoCgWNPp7y5mGkNt_601e_Lg_en9-a_3l9PQMgDR3HPAiMdLC-7VxEHNqGxsOsZK2T3gqi74vN0fyM-Xs1Ni89dF2Q”
}
},
“protected”: “eyJub25jZSI6ICJ2NVprWEJqQTV4WW9aQ2Q4STdTWExiOV85VERlWWpxN0p6bTNSVnZXSW5vIn0”,
“payload”: “ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiam9lYW5kaG9wZS5hc3VzY29tbS5jb20iCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ”,
“signature”: “RNuNsf2qEFTStsdz3qCHC75COqYmfZEDMV6LiOLYYr1tL2787ppJEU3v37XHX7SuR2XuNgMnTa-ggWT1LpnGSZ9Ehm5YIpLCneP4v0KDBfUo5dq2y6GJGvdbrMNvPjZHvV8Ay_ihjeQkUiypl6kwYVnlj93dkQ7RTvq9fh7wUoYSvzfJJS6rQAvpAF1–8unATXtrqGVzNTrmQlUiD8AljbUO-Ie9F72zglXs-ZCSmCneMRWLi70ZqpxPzJP7MsWy5j30_prMcScSZC-5LsEGGeJMlepJjcLT3t6bkmuEmrbOeTTUujuWfP_BifsfJU6lJNxuPZ-ROi4_7y55SVo0w”
}
2018-05-27 15:30:41,392:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 “POST /acme/new-authz HTTP/1.1” 201 1001
2018-05-27 15:30:41,393:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1001
Boulder-Requester: 30364342
Link: https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”
Location: https://acme-v01.api.letsencrypt.org/acme/authz/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA
Replay-Nonce: JWhPDX7rKKxvKvg8tk2oieItv2NiI3XxYWoI6iu7GuY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 27 May 2018 15:31:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 27 May 2018 15:31:58 GMT
Connection: keep-alive

{
“identifier”: {
“type”: “dns”,
“value”: “joeandhope.asuscomm.com
},
“status”: “pending”,
“expires”: “2018-06-03T15:31:58Z”,
“challenges”: [
{
“type”: “dns-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436433”,
“token”: “C3wTFbqxqr-GAo6wQP_vtJxTllwvVX32bFgrn5xu_DE”
},
{
“type”: “tls-sni-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436434”,
“token”: “t0PlL8xPQRwzphGg6O3lnTPeIfsiM5cFjUJeuuM5FIo”
},
{
“type”: “http-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436435”,
“token”: “3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM”
}
],
“combinations”: [
[
0
],
[
2
],
[
1
]
]
}
2018-05-27 15:30:41,393:DEBUG:acme.client:Storing nonce: JWhPDX7rKKxvKvg8tk2oieItv2NiI3XxYWoI6iu7GuY
2018-05-27 15:30:41,394:INFO:certbot.auth_handler:Performing the following challenges:
2018-05-27 15:30:41,395:INFO:certbot.auth_handler:http-01 challenge for joeandhope.asuscomm.com
2018-05-27 15:30:41,395:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /srv/dev-disk-by-id-md-name-Joe-NAS-JoeHopeNAS/www/nextcloud/.well-known/acme-challenge
2018-05-27 15:30:41,401:DEBUG:certbot.plugins.webroot:Attempting to save validation to /srv/dev-disk-by-id-md-name-Joe-NAS-JoeHopeNAS/www/nextcloud/.well-known/acme-challenge/3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM
2018-05-27 15:30:41,402:INFO:certbot.auth_handler:Waiting for verification…
2018-05-27 15:30:41,402:DEBUG:acme.client:JWS payload:
{
“keyAuthorization”: “3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM.RB1M2VSVleFT-z7TWJifIvWbekK0SaFgNMht9y5DP1k”,
“type”: “http-01”,
“resource”: “challenge”
}
2018-05-27 15:30:41,409:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436435:
{
“header”: {
“alg”: “RS256”,
“jwk”: {
“e”: “AQAB”,
“kty”: “RSA”,
“n”: “0CSsepeyPI0WjNY-9rSxF_VCT1NuM2l4KmLROkHomwW-E4pZOmQPljtJvdlqfI9WvJVd7zCDAfTQ0C8LfBgJwXCmfbdV7vniP_eEx-LQm-fr3HgvI3KQrWFszZSBlVahm4_jJIbtHagwCmWvxBZBQa0CMTpgKkyurABawF5W5Pb9VOt4xdpPPYQxcHY8WLK5bO2R1cKONKXlciXZ3Ei46cfHUSHoQQJpfhtP9CHAMpMnzAVbFGi-JpVOrQitEoCgWNPp7y5mGkNt_601e_Lg_en9-a_3l9PQMgDR3HPAiMdLC-7VxEHNqGxsOsZK2T3gqi74vN0fyM-Xs1Ni89dF2Q”
}
},
“protected”: “eyJub25jZSI6ICJKV2hQRFg3cktLeHZLdmc4dGsyb2llSXR2Mk5pSTNYeFlXb0k2aXU3R3VZIn0”,
“payload”: “ewogICJrZXlBdXRob3JpemF0aW9uIjogIjN4eWFaUlVmSW9KNUJMMWEtbFNBREg1TUxoTWY5QktKU2xXU0ZyNWlzak0uUkIxTTJWU1ZsZUZULXo3VFdKaWZJdldiZWtLMFNhRmdOTWh0OXk1RFAxayIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9”,
“signature”: “mR4NouEXnlGUuBnTF1yAGqay_2jLrRpTKQlNxvG1RS9Isiu2hwxWTFl0g-xLJpZBCYoih09U91G_aWS9rwp029XKYs-UCyfhI-9_Yw5rhS8uWLfcdhaXgB7yFpmZbaZcGe7FXEshLOvDnHtqdcZNoP7-31iT51qs4U2UYaFxoiHxsDm17KUsUV4_PdrcgFE4IW_O31JYKgnQtV5fIQsLDx6JKXlWAx4TP56MAh9P7H7MEYmiz6ZXxd_dE7wgj1KVNSTaj_O5yv-iAoZ5kUwvHSD2-0ALham_wZEXClE-5mHhhBaiIinQZL-mO0qlbNM5K9uTaO8xhK8GriFm-fYYlQ”
}
2018-05-27 15:30:41,530:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 “POST /acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436435 HTTP/1.1” 202 336
2018-05-27 15:30:41,531:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Requester: 30364342
Link: https://acme-v01.api.letsencrypt.org/acme/authz/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA;rel=“up”
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436435
Replay-Nonce: GBNDVNOdcwF3x4IpHLGim1-k1mFXmDXCwqa0ji0IDp0
Expires: Sun, 27 May 2018 15:31:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 27 May 2018 15:31:59 GMT
Connection: keep-alive

{
“type”: “http-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436435”,
“token”: “3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM”,
“keyAuthorization”: “3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM.RB1M2VSVleFT-z7TWJifIvWbekK0SaFgNMht9y5DP1k”
}
2018-05-27 15:30:41,531:DEBUG:acme.client:Storing nonce: GBNDVNOdcwF3x4IpHLGim1-k1mFXmDXCwqa0ji0IDp0
2018-05-27 15:30:44,535:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA.
2018-05-27 15:30:44,624:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 “GET /acme/authz/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA HTTP/1.1” 200 1730
2018-05-27 15:30:44,625:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1730
Link: https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”
Replay-Nonce: YkJFqObxY3-TloDDXcWhdYBdqbyC0Xntv6-m3-1PzPI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 27 May 2018 15:32:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 27 May 2018 15:32:02 GMT
Connection: keep-alive

{
“identifier”: {
“type”: “dns”,
“value”: “joeandhope.asuscomm.com
},
“status”: “invalid”,
“expires”: “2018-06-03T15:31:58Z”,
“challenges”: [
{
“type”: “dns-01”,
“status”: “invalid”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436433”,
“token”: “C3wTFbqxqr-GAo6wQP_vtJxTllwvVX32bFgrn5xu_DE”
},
{
“type”: “tls-sni-01”,
“status”: “invalid”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436434”,
“token”: “t0PlL8xPQRwzphGg6O3lnTPeIfsiM5cFjUJeuuM5FIo”
},
{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:connection”,
“detail”: “Fetching http://joeandhope.asuscomm.com/.well-known/acme-challenge/3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM: Connection refused”,
“status”: 400
},
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436435”,
“token”: “3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM”,
“keyAuthorization”: “3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM.RB1M2VSVleFT-z7TWJifIvWbekK0SaFgNMht9y5DP1k”,
“validationRecord”: [
{
“url”: “http://joeandhope.asuscomm.com/.well-known/acme-challenge/3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM”,
“hostname”: “joeandhope.asuscomm.com”,
“port”: “80”,
“addressesResolved”: [
“50.35.104.235”
],
“addressUsed”: “50.35.104.235”
}
]
}
],
“combinations”: [
[
0
],
[
2
],
[
1
]
]
}
2018-05-27 15:30:44,626:WARNING:certbot.auth_handler:Challenge failed for domain joeandhope.asuscomm.com
2018-05-27 15:30:44,626:INFO:certbot.auth_handler:Cleaning up challenges
2018-05-27 15:30:44,627:DEBUG:certbot.plugins.webroot:Removing /srv/dev-disk-by-id-md-name-Joe-NAS-JoeHopeNAS/www/nextcloud/.well-known/acme-challenge/3xyaZRUfIoJ5BL1a-lSADH5MLhMf9BKJSlWSFr5isjM
2018-05-27 15:30:44,627:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /srv/dev-disk-by-id-md-name-Joe-NAS-JoeHopeNAS/www/nextcloud/.well-known/acme-challenge
2018-05-27 15:30:44,627:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/NextCloud.conf produced an unexpected error: Challenges failed for all domains. Skipping.
2018-05-27 15:30:44,629:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/usr/lib/python2.7/dist-packages/certbot/renewal.py”, line 413, in handle_renewal_request
main.obtain_cert(lineage_config, plugins, renewal_candidate)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 626, in obtain_cert
action, _ = _auth_from_available(le_client, config, domains, certname, lineage)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 103, in _auth_from_available
renewal.renew_cert(config, domains, le_client, lineage)
File “/usr/lib/python2.7/dist-packages/certbot/renewal.py”, line 296, in renew_cert
new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
File “/usr/lib/python2.7/dist-packages/certbot/client.py”, line 262, in obtain_certificate
self.config.allow_subset_of_names)
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 88, in get_authorizations
“Challenges failed for all domains”)
AuthorizationError: Challenges failed for all domains

2018-05-27 15:30:44,629:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.10.2’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 849, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 655, in renew
renewal.handle_renewal_request(config)
File “/usr/lib/python2.7/dist-packages/certbot/renewal.py”, line 430, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)


#4

Hi,

It seems you got an error connnection…
From https://acme-v01.api.letsencrypt.org/acme/challenge/D4L7pIgDiOa80QSbqgIsxkFg_IqU6lW20pieMEU8HrA/4836436435

Your Server is refusing connection @port 80. 50.35.104.235

Error Connection Refused.

Can you check if there is something misconfigured?

Thank you


#5

All HTTP connections are receiving: failed: Connection refused.
Is your IP correct? (50.35.104.235)
Is your router forwarding port 80 to your web server?

It seems only port 443 is being allowed:
<!DOCTYPE html>
<html>
<head>
<script type=“text/javascript”> window.location.href=“index.php”;
<meta http-equiv=“refresh” content=“0; URL=index.php”>
</head>
</html>

[EDIT]
You might be able to update your renewal config file to use https instead of http (worth a try).
Or force it on the command line with --preferred-challenges tls-sni-01 (if you can find where “Open Media Vault” stores the commands it runs)


#6

Rudy,

I think your method is my best chance since I am having issues when using http. That’s why I had my web server to ssl only.

How do I use your arguments in the cmd line? Is it with the “letsencrypt renew” command? I have cmd line access as OMV is just Debian. “letsencrypt renew” works from the cmd line but fails for the same reason. If I can get it to use https through an argument, that should do the trick. Thanks for the help.


#7

Yes, try:
sudo letsencrypt renew --preferred-challenges tls-sni-01


#8

I get this:

root@noggin:/etc/letsencrypt/renewal# letsencrypt renew --preferred-challenges tls-sni-01
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/NextCloud.conf

Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
Attempting to renew cert from /etc/letsencrypt/renewal/NextCloud.conf produced an unexpected error: None of the preferred challenges are supported by the selected plugin. Skipping.

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/NextCloud/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)


#9

Please show:
/etc/letsencrypt/renewal/NextCloud.conf


#10

Thanks so much for your help.

I opened NextCloud.conf to copy it and noticed a typo in the directory under webroot_map.

I also cleared up the port 80 issue by manually running the cron job by accessing cron.php. There is still something wrong there because it isn’t auto running but I can live with that for now (another can of worms).

A combo of these allowed me to renew my cert with no errors.

Thanks again.


#11

Cool……………
Cheers


#13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.