Handshake failure during cert installation, Ubuntu 16.04 running nginx


#1

Hello,

I’m trying to add certificates using certbot to a new, up to date Ubuntu 16.04 server running nginx 1.10.3.

My domain name is theos-test.com.

Here’s the command and the output:

theo@ubuntu-512mb-nyc3-01:/etc/nginx/sites-enabled$ sudo certbot --nginx --staging --test-cert -d theos-blog.com -d www.theos-blog.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for theos-blog.com
tls-sni-01 challenge for www.theos-blog.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.theos-blog.com (tls-sni-01): urn:acme:error:tls :: The server experienced a TLS error during domain verification :: remote error: tls: handshake failure, theos-blog.com (tls-sni-01): urn:acme:error:tls :: The server experienced a TLS error during domain verification :: remote error: tls: handshake failure

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.theos-blog.com
   Type:   tls
   Detail: remote error: tls: handshake failure

   Domain: theos-blog.com
   Type:   tls
   Detail: remote error: tls: handshake failure

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   you have an up-to-date TLS configuration that allows the server to
   communicate with the Certbot client.

I’ve confirmed that ports 80 and 443 are permitted through the ufw firewall:

sudo ufw status

reveals:

Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)

Any assistance is much appreciated.


#2

Figured out the problem as soon as I posted. Wrong domain name! Sorry for wasting your time!


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.