Getting Errors While Trying to Renew

Help
1

My domain is: example.com

I ran this command: sudo certbot certonly --webroot --webroot-path=/home/user/example -d example.com -d www.example.com

It produced this output: Failed authorization procedure. www.example.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.example.com/.well-known/acme-challenge/ryzd6mjajRYqjIJI1Rfu5hqmQDc-3qYygqMH4XdXbUc: Timeout

Hello there. I installed lets-encrypt for my customer and certificate expired. I was create a cron tab but so here we are.
I didnt get expires emails(because the email belongs to my customer) and certificate expired.

The problem is i cant renew my cert. because of some errors like 404 403 etc etc. I will paste my nginx conf file but nothing changed in it. Help me thanks :slight_smile:

server {
    listen 80;
    listen [::]:80;

    server_name www.example.com example.com;
    location ~ /.well-known {
        allow all;
        root /home/user/example;
    } // I add this location section later for no redirect to https while renew.

    location / {
        return 301 https://$server_name$request_uri;
    }
}

server {

    # SSL configuration

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    include snippets/ssl-example.com.conf;
    # include snippets/ssl-params.conf;

    root /home/user/example;

    location = /favicon.ico { access_log off; log_not_found off; }

    location /static/ {
        root /home/user/example;
    }

    location /media/  {
        root /home/user/example;
    }

    location / {
       include         uwsgi_params;
        uwsgi_pass      unix:/run/uwsgi/example.sock;
    }


    location ~*  \.(jpg|jpeg|png|gif|ico|css|js)$ {
       expires 365d;
    }
}

Btw im serving django-python app with uwsgi

thanks for helps

2

Okey i tried same command again and it just work. I dont know why really :confused: I also afraid for next renew time :confused: Anyway that topic could close now.

3

There’s some sort of problem with the connection between the Let’s Encrypt servers and your host.

Do you have an IPv6 AAAA record for the domain in question? Does it work? If you do and it doesn’t, that’s your problem, as Let’s Encrypt recently got stricter about dealing with sites that claim IPv6 support. To correct the problem, you’ll need to fix the AAAA record if it is pointing to the wrong address, fix your firewall to allow IPv6 connections if the address is correct, or remove the AAAA record if you can’t fix the issues with it.

If you do not have an AAAA record on the domain in question, you are having IPv4 connectivity issues instead. This could be a bad route from an upstream ISP or some sort of automatic blocking that is cutting off access from Let’s Encrypt’s servers.

If you provide the domain in question, we could look further into what might be happening.

4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.