First time using let's encrypt


Please fill out the fields below so we can help you better.

My domain is:

I ran this command: cerbot --apache

It produced this output: failed to connect with 443

My operating system is (include version): debian 8

My web server is (include version): apache 2.4

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I can have access to the website test page when going to but not using ssl.
Also I would like to know, should i generate a self signed certificate before converting it with lets encrypt or should i just run lets encrypt and then add the information on the cert and key files into the apache virtual host file ?

Thank you for your help.


Hi @tursiops,

You don’t need to create a self-signed certificate before running certbot. If you use --apache, it should also be able to install the certificate for you (so you wouldn’t need to edit the Apache configuration files to refer to the cert and key files).

Could you give us the complete message or messages that certbot output when it finished running?


Hello, here is what I receive as error.

Failed authorization procedure. (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to xx.xx.xx.xx:443 for TLS-SNI-01 challenge


  • The following errors were reported by the server:

    Type: connection
    Detail: Failed to connect to xx.xx.xx.xx:443 for TLS-SNI-01

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.


I would like to add that i get the following error when launching the command


Do you know if you can accept inbound connections on port 443 on that machine? Could there be a firewall configuration that blocks them or something?


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.