Http-01 challenge fails with timeout

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
certbot certonly --manual

It produced this output:

Create a file containing just this data:


And make it available on your web server at this URL:

Waiting for verification…
Challenge failed for domain
http-01 challenge for
Cleaning up challenges
Some challenges have failed.


My web server is (include version):
nginx version: nginx/1.17.8

The operating system my web server runs on is (include version):
Darwin loki 19.3.0 Darwin Kernel Version 19.3.0: Thu Jan 9 20:58:23 PST 2020; root:xnu-6153.81.5~1/RELEASE_X86_64 x86_64

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 1.2.0

I can indeed retrieve the correct content with curl from the correct url:
$ curl

Thank you for any help!


Hi @bprager

your domain doesn’t answer -

Only timeouts:

Domainname Http-Status redirect Sec. G -14 10.033 T
Timeout - The operation has timed out -14 10.033 T
Timeout - The operation has timed out -14 10.050 T
Timeout - The operation has timed out -14 10.027 T
Timeout - The operation has timed out -14 10.030 T
Timeout - The operation has timed out
Visible Content: -14 10.027 T
Timeout - The operation has timed out

May be a firewall or a wrong router configuration.

Is this - - your ip? That’s the ip of your domain.


That is correct ‘’ is the ip address of my domain.


also works from here. Maybe Thailand Internet provider issues?

1 Like

Fetching the check-your-website URL works, but the page on check-your-website is saying that it attempted to reach your website and it got a timeout, confirm what the Let’s Encrypt servers said: they can’t connect to your website.

Many ISPs block inbound traffic like HTTP. It looks like your ISP might be doing that. Have you ever succeeded in running a plain HTTP website on your domain name? I would try to get that working first. Probably you should call your ISP and ask whether they block HTTP traffic.


Oh, and one other common cause of problems for home users: You might be running a server behind your personal router / firewall, and your personal router / firewall is not forwarding HTTP traffic to your server. If that’s the case, you’ll need to configure your router to forward traffic to your server.


Maybe. Ask your provider if port 80 is blocked. Perhaps use dns validation + --manual. That should always work - but it’s painful, no automation.

Your hostname

answers via ping, so your ip address is online. Same with tracert.

Check the documentation of your router to see, how port forwarding works.

Doesn’t look like a blocked ip address.


I changed my router configuration to port 8080 and that seems to work. In this case it would be the provider, right? Bad luck for me.

1 Like

Yep, answers with the standard nginx page.

But if it’s not possible to use port 80, then you can’t use http validation.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.