Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:jsid.edu.et, www.jsid.edu.et
I ran this command: certbot --force-renewal -d www.jsid.edu.et,jsid.edu.et
It produced this output: "Renewing an existing certificate
Performing the following challenges:
http-01 challenge for jsid.edu.et
http-01 challenge for www.jsid.edu.et
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. jsid.edu.et (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: 196.189.91.218: Fetching http://1.1.1.2/webAuth/index.htm?jsid.edu.et/.well-known/acme-challenge/cQUucLKGBy2rWhaKovRgkG6CLhSo_8nb6QO0f5qgiP8: Invalid host in redirect target "1.1.1.2". Only domain names are supported, not IP addresses, www.jsid.edu.et (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: 196.189.91.218: Fetching http://www.jsid.edu.et/.well-known/acme-challenge/rHSZ2sScCWN7R3v0Ww1XABH-LcTU3G-Gs-cmtBK9hnk: Connection reset by peer"
My web server is (include version): Apache/2.4.29 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 18.04.5 LTS
My hosting provider, if applicable, is: Ethiotelecom
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): webmin
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 0.27.0
Please don't use this option unless you know what it actually does. What it does NOT do is magically force Let's Encrypt to issue a certificate without a valid authorization and thus does not help in your case.
Further more, the error message returned by the ACME server regarding the invalid host in redirection target should provide more than enough information for you to proceed with. If that is not the case, please elaborate on what is not clear about the error message and/or any issue you're having with it.
Also, your Certbot version is ancient. While updating Certbot would not fix the issue you're currently having, I do recommend to update to the most recent version.
Thank you for the reply. yeah there is webmin and i tried to disable it to bypass the redirection to 1.1.1.2 and still unable to figure out the problem.
I also tried to install certbot using snap install --classic certbot, the starting to download and the download progress became 100% immediately then shows this.
Now that the redirection has been removed, I would try again.
Maybe first use the testing/staging environment: certbot -d www.jsid.edu.et,jsid.edu.et --dry-run
That's owned by cloudflare, it's unlikely that redirect will point to something working. Unless that's intended. Are you redirecting foreign connections to that IP?