I’m trying to add certificates using certbot to a new, up to date Ubuntu 16.04 server running nginx 1.10.3.
My domain name is theos-test.com.
Here’s the command and the output:
theo@ubuntu-512mb-nyc3-01:/etc/nginx/sites-enabled$ sudo certbot --nginx --staging --test-cert -d theos-blog.com -d www.theos-blog.com Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Obtaining a new certificate Performing the following challenges: tls-sni-01 challenge for theos-blog.com tls-sni-01 challenge for www.theos-blog.com Waiting for verification... Cleaning up challenges Failed authorization procedure. www.theos-blog.com (tls-sni-01): urn:acme:error:tls :: The server experienced a TLS error during domain verification :: remote error: tls: handshake failure, theos-blog.com (tls-sni-01): urn:acme:error:tls :: The server experienced a TLS error during domain verification :: remote error: tls: handshake failure IMPORTANT NOTES: - The following errors were reported by the server: Domain: www.theos-blog.com Type: tls Detail: remote error: tls: handshake failure Domain: theos-blog.com Type: tls Detail: remote error: tls: handshake failure To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that you have an up-to-date TLS configuration that allows the server to communicate with the Certbot client.
I’ve confirmed that ports 80 and 443 are permitted through the ufw firewall:
sudo ufw status
Status: active To Action From -- ------ ---- 22 ALLOW Anywhere Nginx Full ALLOW Anywhere 22 (v6) ALLOW Anywhere (v6) Nginx Full (v6) ALLOW Anywhere (v6)
Any assistance is much appreciated.