Help with cert renewal

Sharpjackv · October 3, 2023, 12:49am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: sh4rp.tech

I ran this command: sudo certbot --apache -d sh4rp.tech -d sh4rp.tech

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewing an existing certificate for sh4rp.tech

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: sh4rp.tech
  Type:   connection
  Detail: 98.114.239.36: Fetching http://sh4rp.tech/.well-known/acme-challenge/h2MXiRQZHCx4-AnpyY_BAyXOeIgNmxLS8M8oES8zc-w: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): Server version: Apache/2.4.57 (Ubuntu)

The operating system my web server runs on is (include version): linux mint

My hosting provider, if applicable, is: selfhosted

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.6.0

Hey, ive been using certbot for awhile now with no issues, its a great service, but recently after my certificate has expired I went to renew it, but I get an error message that tells me that the CA servers failed to reach my website as specified in the logs as

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: sh4rp.tech
  Type:   connection
  Detail: 98.114.239.36: Fetching http://sh4rp.tech/.well-known/acme-challenge/y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ: Timeout during connect (likely firewall problem)

I dont quite know whats is causing this issue since when my computer is online the website can be accessed from the greater internet any help would be appreciated

attached is the full log file

2023-10-02 19:21:31,345:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 1515
2023-10-02 19:21:31,641:DEBUG:certbot._internal.main:certbot version: 2.6.0
2023-10-02 19:21:31,641:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3024/bin/certbot
2023-10-02 19:21:31,641:DEBUG:certbot._internal.main:Arguments: ['--preconfigured-renewal']
2023-10-02 19:21:31,641:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#dns-cloudflare,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-10-02 19:21:31,650:DEBUG:certbot._internal.log:Root logging level set at 30
2023-10-02 19:21:31,651:DEBUG:certbot._internal.plugins.selection:Requested authenticator None and installer None
2023-10-02 19:21:31,688:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.57
2023-10-02 19:21:31,786:DEBUG:certbot._internal.plugins.disco:No installation (PluginEntryPoint#nginx): Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
Traceback (most recent call last):
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 111, in prepare
    self._initialized.prepare()
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot_nginx/_internal/configurator.py", line 194, in prepare
    raise errors.NoInstallationError(
certbot.errors.NoInstallationError: Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
2023-10-02 19:21:31,788:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f8c5808f3a0>
Prep: True
2023-10-02 19:21:31,788:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f8c5808f3a0> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f8c5808f3a0>
2023-10-02 19:21:31,788:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2023-10-02 19:21:31,827:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/954348556', new_authzr_uri=None, terms_of_service=None), 1aae47fedf096030c8ffe6d713257ab7, Meta(creation_dt=datetime.datetime(2023, 2, 8, 1, 59, 58, tzinfo=<UTC>), creation_host='cooper', register_to_eff=None))>
2023-10-02 19:21:31,827:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-10-02 19:21:31,828:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-10-02 19:21:32,039:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-10-02 19:21:32,040:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:32 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "V9YTBFnGSx4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-10-02 19:21:35,177:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-09-19 22:54:37 UTC.
2023-10-02 19:21:35,177:INFO:certbot._internal.renewal:Certificate is due for renewal, auto-renewing...
2023-10-02 19:21:35,177:DEBUG:certbot._internal.display.obj:Notifying user: Renewing an existing certificate for sh4rp.tech
2023-10-02 19:21:35,189:DEBUG:certbot._internal.plugins.selection:Requested authenticator <certbot._internal.cli.cli_utils._Default object at 0x7f8c5484ff70> and installer <certbot._internal.cli.cli_utils._Default object at 0x7f8c5484ff70>
2023-10-02 19:21:35,193:DEBUG:acme.client:Requesting fresh nonce
2023-10-02 19:21:35,193:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-10-02 19:21:35,257:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-10-02 19:21:35,257:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:35 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: kQ7ZnGjxg36C-NrtZLVVX2_flqMnbgD4cIt5whuBuMeecOySIrk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2023-10-02 19:21:35,257:DEBUG:acme.client:Storing nonce: kQ7ZnGjxg36C-NrtZLVVX2_flqMnbgD4cIt5whuBuMeecOySIrk
2023-10-02 19:21:35,257:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "sh4rp.tech"\n    }\n  ]\n}'
2023-10-02 19:21:35,259:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogImtRN1puR2p4ZzM2Qy1OcnRaTFZWWDJfZmxxTW5iZ0Q0Y0l0NXdodUJ1TWVlY095U0lyayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIn0",
  "signature": "c9RReiolK5Hd9uMsjprWVgYl1Ra449u0EEVJusHMiJbfllL9_Uyf5EzZCYcOpriiWHc0tKQvVswdAvaA2gn5tiJI07Tpd0dNrwiDZPFaj40kCbnMJaeEP623SavLr7W6DXLt4-runjY1xQDnEo5oMkXiRnRvKWLdcBkNKvqE2Q2xa9glgAh35S_NaGB0U5XfMfzXyZmtaxlBq1wpl8kS8R4R9zYH30rcunUM7LbyTaYtwrih4WYBpXetVbn4YwRvP6DDsbusU4DRXRAhvxLbiznAiU8jYzgTo4IMxqWWW9Xgh704fXEV1TzDXN3FMTDZY2vnRhT_W8u1N4ASueCNSw",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNoNHJwLnRlY2giCiAgICB9CiAgXQp9"
}
2023-10-02 19:21:35,466:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335
2023-10-02 19:21:35,467:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Mon, 02 Oct 2023 23:21:35 GMT
Content-Type: application/json
Content-Length: 335
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/954348556/212428431986
Replay-Nonce: kQ7ZnGjxFKQ_YwAV_J3el6FIRq08um6BKfyp_M5Ur_b2-yiKnhI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "sh4rp.tech"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/954348556/212428431986"
}
2023-10-02 19:21:35,467:DEBUG:acme.client:Storing nonce: kQ7ZnGjxFKQ_YwAV_J3el6FIRq08um6BKfyp_M5Ur_b2-yiKnhI
2023-10-02 19:21:35,467:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:35,469:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogImtRN1puR2p4RktRX1l3QVZfSjNlbDZGSVJxMDh1bTZCS2Z5cF9NNVVyX2IyLXlpS25oSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "Fe3wHGPJ8GZ7iObWMqvLU6zJP-qZNmxRQHjL5EewDykEVbs1jUvWMpgaWqSJQpv8REr8ZEqk9bw_oNQ_HC607LgcIfBQ5OB7-OBI9khnhx7OIi3AyZK28-kSKnO1pWsI5kiChTqUXIQ3kcPghf5ac1dme5SAgMQ-nj5WACkZjFAbCrN3JnRoUvoaFJ-rrn-YUxLiQNxv_SBYgEPWeLBitbIEhbkNAnkGyZjgsN6uHIVsFNpznVCpSpxNKqElQOMiLB6B3U4eeIk_DD9ziXDYBRgKInxu6EXRnR1CiKrwD3dg4lkVgd7n_8GuR516ySvVEP4kJ2ZM0lnNzOEki_gcQA",
  "payload": ""
}
2023-10-02 19:21:35,547:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:35,548:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:35 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: kQ7ZnGjxfZRIzUahjSJU2ORKJP1xBG_dNEWW9Fizy0LxyGF2xAY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:35,548:DEBUG:acme.client:Storing nonce: kQ7ZnGjxfZRIzUahjSJU2ORKJP1xBG_dNEWW9Fizy0LxyGF2xAY
2023-10-02 19:21:35,548:INFO:certbot._internal.auth_handler:Performing the following challenges:
2023-10-02 19:21:35,548:INFO:certbot._internal.auth_handler:http-01 challenge for sh4rp.tech
2023-10-02 19:21:35,551:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: sh4rp.tech in: /etc/apache2/sites-enabled/sh4rp.tech.conf
2023-10-02 19:21:35,552:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: sh4rp.tech in: /etc/apache2/sites-enabled/sh4rp.tech-le-ssl.conf
2023-10-02 19:21:35,552:DEBUG:certbot_apache._internal.http_01:writing a pre config file with text:
         RewriteEngine on
        RewriteRule ^/\.well-known/acme-challenge/([A-Za-z0-9-_=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]
    
2023-10-02 19:21:35,552:DEBUG:certbot_apache._internal.http_01:writing a post config file with text:
         <Directory /var/lib/letsencrypt/http_challenges>
            Require all granted
        </Directory>
        <Location /.well-known/acme-challenge>
            Require all granted
        </Location>
    
2023-10-02 19:21:35,568:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-enabled/sh4rp.tech.conf
2023-10-02 19:21:35,568:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-enabled/sh4rp.tech-le-ssl.conf
2023-10-02 19:21:38,645:DEBUG:acme.client:JWS payload:
b'{}'
2023-10-02 19:21:38,646:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogImtRN1puR2p4ZlpSSXpVYWhqU0pVMk9SS0pQMXhCR19kTkVXVzlGaXp5MEx4eUdGMnhBWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjcwMTQ0Mjc5MzI2L3EyRmFDdyJ9",
  "signature": "tfoRXN3xyAF9G1akhByl8ItJBBTrG2v1fYKH-W1ar5RVP2kpcI8KT7t9QbkliyZMjis4R1Y5YuAlQCBf93rWIw9oLyXh-Dwoa70wSOrAWVZgqWtaUUfxucoEm0y76ZtkErIgH5q7-q7i_qJuomc9cf-CJoQAS7SmQnQad0nkAQZAWx-4bAOg833RS4DZ4hpJJbHKNXhJb9M8Xog9xVVJ03NneAZaePCRPJXzXkFtFDUZPwXBoeYNCxr15bSCM0yHSqZ9qkwC53hvmVaHlbQlei3bms1R9RsF2YWCWSRay4Ita8kK81O8jFSOqgHUwGiJYClfGRLvyqjaxx-RQ40ysw",
  "payload": "e30"
}
2023-10-02 19:21:38,712:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/270144279326/q2FaCw HTTP/1.1" 200 187
2023-10-02 19:21:38,712:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:38 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw
Replay-Nonce: kQ7ZnGjxtgNJt0vldt1LBUtrwvydikrJmv3Zpdd5Yed7dam1qRE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
  "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
}
2023-10-02 19:21:38,712:DEBUG:acme.client:Storing nonce: kQ7ZnGjxtgNJt0vldt1LBUtrwvydikrJmv3Zpdd5Yed7dam1qRE
2023-10-02 19:21:38,712:INFO:certbot._internal.auth_handler:Waiting for verification...
2023-10-02 19:21:39,714:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:39,715:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogImtRN1puR2p4dGdOSnQwdmxkdDFMQlV0cnd2eWRpa3JKbXYzWnBkZDVZZWQ3ZGFtMXFSRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "yyjorfg0jQT0_b0oTOOckpfj-HMHJs7oLD9_fP_v6tGvhWZm7pd0tAMQIJoNnbdTIPQFATAz07U04ZH1jQGwpvJn2j1gxqvtL3O117SwzPfQogdr7IQE2oaovLyQhZ3m716DY9g1_o2_AnIHmCh-Ha9JaEsrFim6ZlOTT60PqvXJsZy_KW3yFYMErQenVCvkodyzmVTSrA-i7SI1wmlrZ2uSGU9YXbeGlRbTeUUp6x263cyGRx5nPvJuoqdoj2Ol4gNwO7x_zbvFj82RAPYg9J47Mn-gT7O0ZigDefCVvUGYhUEuwjvhd6c1aj7YNn0Qz1CJQnEzIm14QIluYfZX9w",
  "payload": ""
}
2023-10-02 19:21:39,796:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:39,797:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:39 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: kQ7ZnGjxQ9QSbq6I4JTgWvP2URDCVOgjHTqQJ8DJjUCWBRJ8eic
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:39,797:DEBUG:acme.client:Storing nonce: kQ7ZnGjxQ9QSbq6I4JTgWvP2URDCVOgjHTqQJ8DJjUCWBRJ8eic
2023-10-02 19:21:42,800:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:42,801:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogImtRN1puR2p4UTlRU2JxNkk0SlRnV3ZQMlVSRENWT2dqSFRxUUo4REpqVUNXQlJKOGVpYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "A0IPc5LHnrOzrPltjqfnWyXvb15LhpbVj-QAYmPyBgxVmR8LLcwxQo32ZKihCmZX-mq8fWnHrusz-o0G2OoJH9vOsFtsAs1mOO_dqeke1LRKIMPUdo7IeYTkgKwFCAI2LgvXmhYdlYO3tTcULxH2oDnvycHPmtcx5CaDpUGxtp-lSDfynX62YTsAqwublw0EUo89KMw5bmWznt2Leu4b-IyEGdRkC4u3FuEVcepn61-Jv8RVaeEveNHTkhvniWpM1d4_IHQYP48DX3LPMOI6iWoOUCI7Yd2Y5nlSa7gzVHnhZnTGnZmPXZmjk-xXNMBzt17B1r9UuanA_XimuBZ1Sg",
  "payload": ""
}
2023-10-02 19:21:42,867:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:42,867:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:42 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: kQ7ZnGjx6kjXjRPNFoVZ44KmoGWwqNdGzPqM6hdlLlMPUgy6cvI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:42,868:DEBUG:acme.client:Storing nonce: kQ7ZnGjx6kjXjRPNFoVZ44KmoGWwqNdGzPqM6hdlLlMPUgy6cvI
2023-10-02 19:21:45,871:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:45,872:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogImtRN1puR2p4NmtqWGpSUE5Gb1ZaNDRLbW9HV3dxTmRHelBxTTZoZGxMbE1QVWd5NmN2SSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "SPS0fKKElubsVZPNvOibI6IoXwNAXhvICenWttUasUdvFAXCTI9fz-T70IzjVvn5QpZ0rXiMKSrOctQE8jw-TR9n52X32SaF-MqVFxFAO7b3JerWNZ6f-ANBh8Uq-NflfNsuzK-loHz_m4C9tyQ-w5CnkwU1onc7WNfE1cceV9jfXcqxBq6qKjcu6ElBpYoMXie4kPg9HcuQh2PUqWfUVMGkXgf0J3GJd9Rl1_X1y0vA9B6Bo_fY79JfMos87V_5vQzfexAdYkG0C4D0iL68SeUZMhVphNylbX4GAb_UvQnlKWPsZZS6KsTTh-F6t8NEdVP3Q0en9BTV5olb-zSpZQ",
  "payload": ""
}
2023-10-02 19:21:45,939:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:45,939:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:45 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: kQ7ZnGjx5V7ylwdPAJwhVdlCLNQhNzrCLcOA-T2-V4gNdMqqSLw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:45,939:DEBUG:acme.client:Storing nonce: kQ7ZnGjx5V7ylwdPAJwhVdlCLNQhNzrCLcOA-T2-V4gNdMqqSLw
2023-10-02 19:21:48,943:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:48,944:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogImtRN1puR2p4NVY3eWx3ZFBBSndoVmRsQ0xOUWhOenJDTGNPQS1UMi1WNGdOZE1xcVNMdyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "jkjlj9d4xJCnLKtuYSLYTvxKlM2lfKnh2A7Pz2TpUz8Tl2XiDVytkjxUtOQAjoBK00mJnh3OpN7BjokovmHm2xnPZmsRPDcFB_9h2eyjz69QISm0BH7_QQcwsJ0_t8G6wXGwtH0Hf6W-X1mIy3NNUJMpNF2voJKh9RPVGga7i6ikubZV2LT99_J16xBMXShMpfyZLTFfUliqGAIVgCqDuGT1ojPj2oYFjpA5XgS0j1liH8UDnF5Jp08hzNWbuQAmtbwaWQlO8Qdu21KISjPTqW5aflBbtX44jG1ZJ_mItEVHoNFiUWQtWvjHkFHYPHqpMm-exfyJQZhlZLOrsWtyiA",
  "payload": ""
}
2023-10-02 19:21:49,025:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:49,025:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:48 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 3hclikJOBvX7xYVkX-u6nkf4MnCrKAyDuB04dsBPQv2TsXxm6Bg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:49,025:DEBUG:acme.client:Storing nonce: 3hclikJOBvX7xYVkX-u6nkf4MnCrKAyDuB04dsBPQv2TsXxm6Bg
2023-10-02 19:21:52,028:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:52,029:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogIjNoY2xpa0pPQnZYN3hZVmtYLXU2bmtmNE1uQ3JLQXlEdUIwNGRzQlBRdjJUc1h4bTZCZyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "W9PCwPV3EKrmJzA_6Q6_ieAq0duxOBSgQQbh-U-jZZGDlyYI3_rnkH6r_X8-Vx_3UdiooUWuVbZ16HN-pV-N91VbhC6BaF67FwrZIllL9Y4f9dz__H3NIqXR3PRRx7TvyGeRi-2GWcf57yGHWsdXmDza86PD-VASjVqTmq3rijKY_D9VFiporRbMWnzii3FlF_F3YgjGjkUVPisg6SVChMzcTH_-CwgYkgKfO714XfePS7vK261OxehfRKLW2YOTPKCL9VoNNfpuquu_a_uOL5OQDVfTqoDpLcBxH8JD-a9XW1rZH9GAprDa0fZdJhiz7AaxkdgaLqfg67xl4Zz3ew",
  "payload": ""
}
2023-10-02 19:21:52,094:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:52,094:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:52 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 3hclikJOVNsBKDxjczTneOp_5-qLBdzddCsAuWujCRWd8mONU_k
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:52,094:DEBUG:acme.client:Storing nonce: 3hclikJOVNsBKDxjczTneOp_5-qLBdzddCsAuWujCRWd8mONU_k
2023-10-02 19:21:55,097:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:55,098:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogIjNoY2xpa0pPVk5zQktEeGpjelRuZU9wXzUtcUxCZHpkZENzQXVXdWpDUldkOG1PTlVfayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "RuDXLW1UmDDyIC5S9F1-LAwnQrIH1zZe2Wn-cvB2o8YDsvOYPN7xfnmc-kaISVn89UvurHJaUuao0K_XygNnGhDqkr5TbaunOgzEeYTEmLJoAYv0EN0bo7AR5ESbZ9neSgBZ0kx4V1v1Ubc1Q9OU1JixH0c334BU2ACT1C3Tb9Dil01cq1t84QzAKeNq19yzcfj2s_KF5HWYrEj3sjdeUW5qYftb-jIU9M3aZnlMwkp9uKigfud9TlNBXU4G2GM9TGeXvx_GiufUyKvnmcJVvjSE3lITLPFWjJE1JkpzavFUA0aPYBOYyNS77sxBaQmwv0aYyV6lQPEYgrcH259ycA",
  "payload": ""
}
2023-10-02 19:21:55,164:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:55,164:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:55 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 3hclikJOcW5sRkc1Sc-yx_nQleCHh4u8JcVJw6ru-s8Gard6bW8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:55,164:DEBUG:acme.client:Storing nonce: 3hclikJOcW5sRkc1Sc-yx_nQleCHh4u8JcVJw6ru-s8Gard6bW8
2023-10-02 19:21:58,167:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:21:58,168:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogIjNoY2xpa0pPY1c1c1JrYzFTYy15eF9uUWxlQ0hoNHU4SmNWSnc2cnUtczhHYXJkNmJXOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "JyHdhttb52B9jEdSHqg2sab_h9E-HjY9bJqCHtUeWsYQdeP1pFDOQjHCp51TpF0Aesr62r5yxJUWKCR9XZ8ZtaGae6YL9NGyy8JPllJAsYstnN5jl6dLlS78fasq7VPwmI-NKThmoxtI2u_sxcsdh9XzsEZMbS4hnLQ0vyCBDjj4y8FoNKROnugX3QYPq7hwZv8KJUkOogLNp26VzT-jPucs1AakEJMWrUQ8aOawBeM6CgJVJyvwpHE1_mzshIOABb7bQCDeLR5iY6x4plgEJqmjr_de_aTmMYFeix2HVs_vzf3nnVv5GAxm_Vx-cjgvUsZaBcn-fgCrhGwpJDk1AA",
  "payload": ""
}
2023-10-02 19:21:58,235:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 794
2023-10-02 19:21:58,235:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:21:58 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 3hclikJO_A5xU3ubegD19NLazO_oIEyynpntKFBRv6XZOiaeJdU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "pending",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/RDOlBQ",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/P62hfw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ"
    }
  ]
}
2023-10-02 19:21:58,235:DEBUG:acme.client:Storing nonce: 3hclikJO_A5xU3ubegD19NLazO_oIEyynpntKFBRv6XZOiaeJdU
2023-10-02 19:22:01,239:DEBUG:acme.client:JWS payload:
b''
2023-10-02 19:22:01,240:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/270144279326:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU0MzQ4NTU2IiwgIm5vbmNlIjogIjNoY2xpa0pPX0E1eFUzdWJlZ0QxOU5MYXpPX29JRXl5bnBudEtGQlJ2NlhaT2lhZUpkVSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjcwMTQ0Mjc5MzI2In0",
  "signature": "vp8oixtyuqz3s1xpjeagCzd0cfYrMxdjhV7qXgVu0X2VugY-iV_pqTHXSIvR7Rn9eQY8kqVnawV9TA1rbVWk0MDx-ORrBQbq99W2S8iWzXVF1v9-1yfXgv6BSNnxjI2mLA_sU0P9kkQ1PjeSOosZ79LTgDu1Lfrflfn7j5KHZZXB3XxhjwNLWY1D_P5nA-G6f2yatpqjjyb2PylGV9ABbQUT9PfuYfHGpq5CWHBC40qJ9TB8YRkaqeGtDCArP1iJXQ_KpHysDT2ttB_RLMP0kYhY3P_couY-ZqbEWM6JzpRvvyCvLH7h_cC2YGY65zznmO_u0CEnnrOpaqEQlLx1pw",
  "payload": ""
}
2023-10-02 19:22:01,308:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/270144279326 HTTP/1.1" 200 1479
2023-10-02 19:22:01,309:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 02 Oct 2023 23:22:01 GMT
Content-Type: application/json
Content-Length: 1479
Connection: keep-alive
Boulder-Requester: 954348556
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: kQ7ZnGjx7ZhFBhb8U0Hge9ck2MMeSMTQBdsMVxvytO1Eo5nxOmk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "sh4rp.tech"
  },
  "status": "invalid",
  "expires": "2023-10-09T23:21:35Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
        "detail": "98.114.239.36: Fetching http://sh4rp.tech/.well-known/acme-challenge/y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ: Timeout during connect (likely firewall problem)",
        "status": 400
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/270144279326/q2FaCw",
      "token": "y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ",
      "validationRecord": [
        {
          "url": "http://sh4rp.tech/.well-known/acme-challenge/y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ",
          "hostname": "sh4rp.tech",
          "port": "80",
          "addressesResolved": [
            "98.114.239.36",
            "2600:4040:7cb4:1d00:15b8:5087:e901:8653"
          ],
          "addressUsed": "2600:4040:7cb4:1d00:15b8:5087:e901:8653"
        },
        {
          "url": "http://sh4rp.tech/.well-known/acme-challenge/y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ",
          "hostname": "sh4rp.tech",
          "port": "80",
          "addressesResolved": [
            "98.114.239.36",
            "2600:4040:7cb4:1d00:15b8:5087:e901:8653"
          ],
          "addressUsed": "98.114.239.36"
        }
      ],
      "validated": "2023-10-02T23:21:38Z"
    }
  ]
}
2023-10-02 19:22:01,309:DEBUG:acme.client:Storing nonce: kQ7ZnGjx7ZhFBhb8U0Hge9ck2MMeSMTQBdsMVxvytO1Eo5nxOmk
2023-10-02 19:22:01,309:INFO:certbot._internal.auth_handler:Challenge failed for domain sh4rp.tech
2023-10-02 19:22:01,309:INFO:certbot._internal.auth_handler:http-01 challenge for sh4rp.tech
2023-10-02 19:22:01,309:DEBUG:certbot._internal.display.obj:Notifying user: 
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: sh4rp.tech
  Type:   connection
  Detail: 98.114.239.36: Fetching http://sh4rp.tech/.well-known/acme-challenge/y-AKYyn7gAtT3-fKUp0S6DbRoasJ-lJhF1UHweddSdQ: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

2023-10-02 19:22:01,310:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2023-10-02 19:22:01,310:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-10-02 19:22:01,310:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-10-02 19:22:01,395:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/snap/certbot/3024/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/main.py", line 1864, in main
    return config.func(config, plugins)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/main.py", line 1447, in run
    new_lineage = _get_and_save_cert(le_client, config, domains,
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/main.py", line 129, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/renewal.py", line 395, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/snap/certbot/3024/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-10-02 19:22:01,398:ERROR:certbot._internal.log:Some challenges have failed.

rg305 · October 3, 2023, 1:00am

Hi @Sharpjackv, and welcome to the LE community forum

Am I seeing double?:

Is one of those supposed to include "www."?

Is usually exactly as it says.
Can your site be reached via HTTP from the Internet?
Is your ISP now blocking inbound HTTP?
Have you recently added some firewall rules, or such, to block anything?

And since we are dealing with Apache, please also show:
sudo apachectl -t -D DUMP_VHOSTS

rg305 · October 3, 2023, 1:03am

Also...

Name:      sh4rp.tech
Addresses: 2600:4040:7cb4:1d00:15b8:5087:e901:8653
           98.114.239.36

HTTP via both IPv4 and IPv6 fail to connect:

curl -Ii6 sh4rp.tech
curl: (56) Recv failure: Connection reset by peer

curl -Ii4 sh4rp.tech
curl: (56) Recv failure: Connection reset by peer

Sharpjackv · October 3, 2023, 1:19am

now that you mention http, it seems that my apache server has a 301 redirect to https. thats probably the issue.

ive looked into it a bit more and for some reason even after removing all mentions of rewrite engine in all conf files the redirect still occurs, ill keep looking into it.

rg305 · October 3, 2023, 1:24am

No redirect seen.
[nothing is seen via HTTP]

Inbound HTTP connections are NOT reaching Apache.

Sharpjackv · October 3, 2023, 1:30am

this is quite strange
when I run curl i get
sharp@cooper:~$ curl -Ii4 sh4rp.tech
HTTP/1.1 301 Moved Permanently
Location: https://sh4rp.tech/
Date: Tue, 03 Oct 2023 01:30:11 GMT

sharp@cooper:~$

rg305 · October 3, 2023, 1:34am

The problem is with HTTP not HTTPS.

See:
Let's Debug (letsdebug.net)

Sharpjackv · October 3, 2023, 1:41am

Hey, I figured it out, somehow my port forwarding rule for port 80 had somehow vanished, I dont normaly make such braindead mistakes, but thank you for your help. certs are now all back up and running

rg305 · October 3, 2023, 1:45am

OK... progress.

But I still see two problems.

HTTP via IPv6 fails:
[if you are not going to use IPv6, you should remove it from DNS]

curl -Ii6 sh4rp.tech
curl: (56) Recv failure: Connection reset by peer

The HTTP redirection loops back onto itself:

curl -Ii4 sh4rp.tech
HTTP/1.1 302 Found     <<<<<<<<<<<<<<<<<<<<<<<<<
Date: Tue, 03 Oct 2023 01:43:22 GMT
Server: Apache/2.4.57 (Ubuntu)
Location: http://sh4rp.tech/     <<<<<<<<<<<<<<<<<<<<<<<<<
Content-Type: text/html; charset=iso-8859-1

rg305 · October 3, 2023, 1:47am

Recall from above:

system · November 2, 2023, 1:47am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certification Renewal Issue Help	7	963	December 5, 2019
Can not renew certificate Help	24	592	November 30, 2023
Certificate renewal fails Help	10	631	July 13, 2024
Renew certbot is no longer working? Help	4	1106	May 8, 2019
Certificate renew Help	6	520	May 12, 2023

Help with cert renewal

Related topics