Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: bread365.com
I ran this command: certbot -v
It produced this output:
```
[root@bread365 ~]# certbot -v
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate and install certificates?
1: Apache Web Server plugin (apache)
2: Nginx Web Server plugin (nginx)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
1: bread365.com
2: towniebread.com
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for bread365.com
Performing the following challenges:
http-01 challenge for bread365.com
Waiting for verification...
Challenge failed for domain bread365.com
http-01 challenge for bread365.com
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: bread365.com
Type: connection
Detail: 47.181.10.189: Fetching http://bread365.com/.well-known/acme-challenge/RKDwpepav4UnfRPWiiqj9qLNXQ0KOkbOEijjy3XL_rY: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Cleaning up challenges
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
```
My web server is (include version):
[Beelink SER5 MAX Mini PC, AMD Ryzen 7 5800H(7nm, 8C/16T) up to 4.4GHz, Mini Computer 32GB DDR4 RAM 500GB NVME SSD,]
The operating system my web server runs on is (include version): Rocky Linux 9.3
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): YES
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Sometimes, command line or WEBMIN
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.6.0
My network is as follows:
I host my DNS on GoDaddy so I know DNS validation will NOT work.
47.181.10.189 - External IP
Goes through my router/firewall and gets addressed to my internal IP 192.168.2.222. My firewall/router will only route via IP; it will not look at the name bread365.com, it only knows to route the IP.
I can access my web server http://bread365.com via port 80; everything works on the virtual hosts. I have 2 set up but am currently only setting up one for SSL. The other will be done when I move that site to this new server at a later date.
The firewall on the Rocky Linux box has both port/service 80 (http) and 443 (https) set to ALLOW.
In my HTTPD virtual host config:
I have tried ANY for IP address or 192.168.2.222 - both fail.
I've tried ANY for port or 80 - both fail.
I have the full letsencrypt.log file but nothing in there helps me figure out where it's failing.
I do not see any requests coming into the access_log/ssl_access_log files for the web server from letsencrypt. I do see my requests coming in if I browse the site.
This isn't hard so I'm at a loss as to why I can't figure it out - ha ha. I've done it on a few hosted sites without any problem, along with others I have hosted.
Any help would be appreciated.
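
Added example, not part of the original post: a small Python check that parses the CA's failure report from the Certbot output above and looks for the challenge path in Apache access-log lines, to tell whether the validation request ever reached the web server. The access-log lines are constructed sample data, and the function names and verdict wording are this example's own assumptions.

```python
import re
from urllib.parse import urlparse

# Failure report copied from the Certbot output in the post above.
REPORT = """\
Domain: bread365.com
Type: connection
Detail: 47.181.10.189: Fetching http://bread365.com/.well-known/acme-challenge/RKDwpepav4UnfRPWiiqj9qLNXQ0KOkbOEijjy3XL_rY: Timeout during connect (likely firewall problem)
"""

# Constructed access_log lines (combined format), not from the post: LAN browser hits only.
ACCESS_LOG = [
    '192.168.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.168.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "-" "Mozilla/5.0"',
]

DETAIL_RE = re.compile(r"^(?P<ip>[0-9a-fA-F.:]+): Fetching (?P<url>\S+): (?P<reason>.+)$")
REQUEST_RE = re.compile(r'"(?:GET|HEAD) (?P<path>\S+) HTTP/[\d.]+"')

def parse_report(text):
    """Turn the 'Key: value' lines of a Certbot failure report into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition(": ")
        if sep:
            fields[key.lower()] = value
    m = DETAIL_RE.match(fields.get("detail", ""))
    if m:  # split Detail into the address the CA dialed, the URL, and the reason
        fields.update(m.groupdict())
        fields["path"] = urlparse(fields["url"]).path
    return fields

def challenge_seen(path, log_lines):
    """True if any access-log request line asked for exactly the challenge path."""
    return any((m := REQUEST_RE.search(l)) and m["path"] == path for l in log_lines)

def diagnose(report_text, log_lines):
    """Return (parsed report, verdict); verdict text is this example's wording."""
    r = parse_report(report_text)
    reached = "path" in r and challenge_seen(r["path"], log_lines)
    if r.get("type") == "connection" and not reached:
        return r, "no connection from the CA reached Apache on %s port 80" % r.get("ip", "?")
    if reached:
        return r, "request reached Apache; inspect the response it served"
    return r, "unclassified; read letsencrypt.log"

if __name__ == "__main__":
    report, verdict = diagnose(REPORT, ACCESS_LOG)
    print(report["domain"], report["ip"], report["reason"], "->", verdict)
```

A `connection` failure with no matching access-log entry places the problem in front of Apache (router port forward, ISP filtering of inbound port 80, or host firewall), not in the virtual host configuration.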