Please fill out the fields below so we can help you better.
My domain is:
supera.com.br
I ran this command:
certbot renew
It produced this output:
Attempting to renew cert (www.supera.com.br) from /etc/letsencrypt/renewal/www.supera.com.br.conf produced an unexpected error: (‘Connection aborted.’, error(101, ‘Network is unreachable’)). Skipping.
My web server is (include version):
Nginx v1.14.0
The operating system my web server runs on is (include version):
centos-release-7-5.1804.el7.centos.2.x86_64
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
_az
July 19, 2018, 12:42am
2
mtr -c 10 acme-v02.api.letsencrypt.org --report
curl -v -m 10 https://acme-v02.api.letsencrypt.org/directory
Results:
mtr -c 10 acme-v02.api.letsencrypt.org --report
Start: Wed Jul 18 20:41:47 2018
HOST: reverse-proxy.supera.com.br Loss% Snt Last Avg Best Wrst StDev
1.|-- gateway 0.0% 10 0.3 0.3 0.3 0.4 0.0
2.|-- 198.50.173.38 0.0% 10 1.3 1.4 1.2 1.8 0.0
3.|-- vl6.bhs-d2-a75.qc.ca 0.0% 10 0.6 0.6 0.5 0.7 0.0
4.|-- 10.95.81.10 0.0% 10 3.4 2.2 1.8 3.4 0.3
5.|-- be100-1324.chi-5-a9.il.us 0.0% 10 17.9 17.6 17.3 17.9 0.0
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
7.|-- 1-3.r1.dc.hwng.net 0.0% 10 35.0 30.1 26.8 38.4 4.4
8.|-- 209.197.13.13 0.0% 10 60.5 35.0 27.2 60.5 13.3
9.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
curl -v -m 10 https://acme-v02.api.letsencrypt.org/directory
About to connect() to acme-v02.api.letsencrypt.org port 443 (#0 )
Trying 23.57.151.37…
After 4745ms connect time, move on!
Trying 2600:1419:0:39a::3a8e…
Failed to connect to 2600:1419:0:39a::3a8e: Network is unreachable
Trying 2600:1419:0:39c::3a8e…
Failed to connect to 2600:1419:0:39c::3a8e: Network is unreachable
Failed connect to acme-v02.api.letsencrypt.org:443 ; Network is unreachable
Closing connection 0
curl: (7) Failed to connect to 2600:1419:0:39a::3a8e: Network is unreachable
_az
July 19, 2018, 12:48am
4
grep -i letsencrypt /etc/hosts
I executed the command but got nothing
_az
July 19, 2018, 12:52am
6
LucasPereira:
23.57.151.37
The problem is that this server isn't online.
So one of two things is happening:
You have an extremely stale DNS record for the API domain for some reason
Or Let's Encrypt/Akamai is having an outage.
What DNS resolver is your system using (/etc/resolv.conf
) ?
dig acme-v02.api.letsencrypt.org
would help too.
My resolve.conf has 2 entries, My domain DNS Server and Google DNS Server (8.8.8.8)
dig results:
dig acme-v02.api.letsencrypt.org
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> acme-v02.api.letsencrypt.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41033
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;acme-v02.api.letsencrypt.org . IN A
;; ANSWER SECTION:
acme-v02.api.letsencrypt.org . 6554 IN CNAME api.letsencrypt.org-ng.edgekey.net .
api.letsencrypt.org-ng.edgekey.net . 12599 IN CNAME e14990.dscx.akamaiedge.net .
e14990.dscx.akamaiedge.net . 20 IN A 23.57.151.37
;; Query time: 357 msec
;; SERVER: 172.27.0.28#53(172.27.0.28)
;; WHEN: Wed Jul 18 20:52:32 EDT 2018
;; MSG SIZE rcvd: 158
_az
July 19, 2018, 12:56am
8
Consider removing your local DNS server from resolv.conf
temporarily and seeing if it helps.
1 Like
Wow, that worked, thanks! I appreciate the help!
Now begins the quest to finding out what’s wrong with my DNS Server… yay…
2 Likes
system
Closed
August 18, 2018, 12:59am
10
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.