GoDaddy, Nginx, Windows, and Certbot: Let's play together

Nice to meet you guys -- this looks like a great community :slight_smile:

OK here's the deal - I can't get certbot certonly --standalone to run. My answers to the critical questions are pasted below, but here's some getting started information:

I've got a permeant server running Windows 10 that I access via Microsoft Remote Desktop, and on which I have full admin rights.

That server runs Waitress to host a Python Dash app that serves to localhost on Port 3000.

I've installed Nginx on that server to reverse proxy the app using the following server block:

    server {
        listen 80;
        listen [::]:80;


        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        location / {

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;

On the GoDaddy side, I've kept the default rules in the DNS and I've added an A Rule with the following parameters:
Type: A
Name: @
TTL: 1/2 Hour

My domain is:

I ran this command: certbot certonly --standalone

It produced this output:

Saving debug log to C:\Certbot\log\letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel):
Requesting a certificate for

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Type:   unauthorized
  Detail: Invalid response from []: "<!doctype html><html lang=\"en\"><head><meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\"><meta name=\"viewport\" con"

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at See the logfile C:\Certbot\log\letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): nginx 1.21.4 (mainline)

The operating system my web server runs on is (include version): Windows 10

My hosting provider, if applicable, is: GoDaddy

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.21.0

Ideas for what might be fouling things up:

  • I need to get into Windows Defender Firewall and add a rule or something to free Port 80.... but if that were true, then it seems like the webpage wouldn't serve, and right now, you do indeed get a splash page when you visit
  • I need to configure something else within GoDaddy
  • I need to adjust my server_name -- or other directive -- within my nginx.conf file

That's about all I got. Thanks for the help everyone :smiley:


That seems like the two would be fighting for the same port.
But I don't see that error in the logs posted...

I think I need a picture of your network/systems layout.
Or you could just type out 1000 words - LOL

1 Like

I think I'm starting to piece this together.
nginx at IP [needs a cert]
Windows 10 at [some other IP] has certbot for Windows

If that's true, then you can't use HTTP authentication at the Windows 10 PC for the name that resolves to nginx server elsewhere.

And, sorry, yes hi nice to meet you too :slight_smile:

1 Like


I think the nginx may be proxying to the Windows 10, but my glance was quick and may be inaccurate.

1 Like

That would be a twist - but also within the realm of possibility.


The nginx "server" may not be racked somewhere in a datacenter - bad assumption on my part.

Circle right back to - paint me a picture - I'm lost !
Dumb GPS!

1 Like

As far as I can tell, GoDaddy is just the DNS Service Provider (DSP) here and not the actual Hosting Service Provider (HSP).


Nice chatting with you @griffin
Now if we could just get Jake back on the partyline...

Yeah, reading GoDaddy threw me off.


I'm not seeing a button for adding pictures to posts in this forum layout -- any idea how I do that?

But I stop nginx before running certbot certonly --standalone because that's what I was instructed to do. Therefore they can't be fighting for the same port.

Yes. GoDaddy is ONLY a host name resolver - all I want it to do is map the url to the ip address. Everything else is handled on the Windows 10 computer to which I have full access. Griffin was right

1 Like




Or just copy/paste it in - like the one above from Snipping Tool

I don't see any splash page or anything at all:

curl -Ii
curl: (56) Recv failure: Connection reset by peer

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.