FailedChallenges: Failed authorization procedure

The letsencrypt.log says timeout, but my access log from apache says that the request has been served:
18.197.227.110 - - [06/Aug/2019:13:39:04 +0200] “GET /.well-known/acme-challenge/0exLEunVGwJq-jsWRkCA8B28wHoPzGbRH_4PfLdDUFY HTTP/1.1” 200 88 “-” “Mozilla/5.0 (compatible; Let’s Encrypt validation server; +https://www.letsencrypt.org)”

My domain is:
bbr-test8.printern.dk

I ran this command:
certbot certonly --manual -d bbr-test8.printern.dk --preferred-challenges http --debug-challenges -v

It produced this output:
FailedChallenges: Failed authorization procedure. bbr-test8.printern.dk (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://bbr-test8.printern.dk/.well-known/acme-challenge/0exLEunVGwJq-jsWRkCA8B28wHoPzGbRH_4PfLdDUFY: Timeout during connect (likely firewall problem)

My web server is (include version):
Apache/2.4.6

The operating system my web server runs on is (include version):
NAME=“Red Hat Enterprise Linux Server”
VERSION=“7.5 (Maipo)”

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.23.0

Hi @pse

checking your domain that looks good - https://check-your-website.server-daten.de/?q=bbr-test8.printern.dk

Domainname Http-Status redirect Sec. G
http://bbr-test8.printern.dk/
147.29.101.87 403 0.064 M
Forbidden
http://www.bbr-test8.printern.dk/
147.29.101.87 403 0.064 M
Forbidden
https://bbr-test8.printern.dk/
147.29.101.87 -14 10.033 T
Timeout - The operation has timed out
https://www.bbr-test8.printern.dk/
147.29.101.87 -14 10.026 T
Timeout - The operation has timed out
http://bbr-test8.printern.dk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
147.29.101.87 404 0.063 A
Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server.
http://www.bbr-test8.printern.dk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
147.29.101.87 404 0.066 A
Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server.

Port 80 is open, checking a random file in /.well-known/acme-challenge there is the expected answer http status 404 - Not Found.

But:

One check isn’t enough, there are 4 checks with different ip addresses. Do you have a blocking firewall with regional settings?

Create the two subdirectories yourRoot/.well-known/acme-challenge, there a file (file name 1234), then check the complete url with the online tool, to see, if there is a http status 200 - ok.

If there is a 200, check the same url via https://www.uptrends.com/de/tools/uptime

Thanks, that is the problem. I have compared it with another site I have and there is no such regional setting. Are there a workaround or do you have to remove the regional setting?

1 Like

You must allow Letsencrypt to chech your validation file. Remove these regional constraints.

Thank you for your fast response. I will consider if it is possible.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.