Failing to get a certificate on Ubuntu16 with Apache

I’m testing a self-hosted server and cannot get passed the http-01 challenge, both ports 80 and 443 are open, I used the reccomended configuration “sudo certbot --apache” and the “acme.sh” both unsuccessfull, this is the most complete log i have:

root@SRVUBUNTU:~/.acme.sh# ./acme.sh --issue -d 200.95.197.254.xip.io -w /var/www/html

https://pastebin.com/ngvamDb8

The server is up and running but everytime I run certbot it gets 404 error or timeout.

Edit: If you try to access http://200.95.197.254.xip.io you can see the index file from the www-root directory:

root@SRVUBUNTU:/var/www/html# ls -l *.html
-rw-r–r-- 1 root root 79 Jun 13 08:09 index.html
-rw-r–r-- 1 root root 11321 Mar 15 10:52 oldindex.html

Hi @Luisfernando97

I can't load

http://200.95.197.254.xip.io/.well-known/acme-challenge/Fw7dfWgMILvrzQd522BscYUXF9eLgPhJIwFvPM1_4sU

Same problem as in your protocol - Timeout during connect (likely firewall problem)

Yes, even forcing the www-root (/var/www/html) wich is the default I cannot find this file.

Edit: if you just try to access 200.95.197.254.xip.io you will see the index file that is inside this directory

No, there is also a timeout. There may be a firewall or something else. I am not able to check /.well-know/, because I can't get the complete domain.

Oops, it seems the problem lives somewhere else then, checking firewall again

Now it works.

https://200.95.197.254.xip.io/

I had a tab opend, clicked F5 - now the certificate is correct.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.