I ran this command: sudo certbot certonly --standalone -d panel.mcbest.pl
It produced this output:
1 actionable task: 1 executed
maks@maks-B550M-AORUS-ELITE:~/Pulpit/Minecraft-nodes-minecraft/minecraft-nodes-master/nodes$ sudo certbot certonly --standalone -d panel.mcbest.pl
[sudo] hasło użytkownika maks:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for panel.mcbest.pl
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: panel.mcbest.pl
Type: connection
Detail: 5.173.148.59: Fetching http://panel.mcbest.pl/.well-known/acme-challenge/9l3PyRql-1lYBoSK2_Tb9yrtbLf9VK97KfnMtNqEnlE: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version):
nginx version: nginx/1.24.0 (Ubuntu)
The operating system my web server runs on is (include version):
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 24.04.1 LTS
Release: 24.04
Codename: noble
My hosting provider, if applicable, is:
its my own machine, i bought static ip from my internet provider
I can login to a root shell on my machine (yes or no, or I don't know): no, disabled
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 2.9.0
Usually if you have an nginx server running you do not use --standalone. Instead, use --webroot or --nginx options.
But, if your nginx is running now it is not available from the public internet. This test site is excellent to help debug new servers and comms setups: https://letsdebug.net
maks@maks-B550M-AORUS-ELITE:~$ sudo certbot certonly --nginx -d panel.mcbest.pl
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running nginx -c /etc/nginx/nginx.conf -t.
2025/01/14 16:27:26 [emerg] 117393#117393: cannot load certificate "/etc/letsencrypt/live/panel.mcbest.pl/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/panel.mcbest.pl/fullchain.pem, r) error:10000080:BIO routines::no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\n2025/01/14 16:27:26 [emerg] 117393#117393: cannot load certificate "/etc/letsencrypt/live/panel.mcbest.pl/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/panel.mcbest.pl/fullchain.pem, r) error:10000080:BIO routines::no such file)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
Your nginx configuration names a file that does not exist. You must remove that reference. Did you delete the certificate(s) you got previously without removing them from nginx? See this for how to safely delete certs: User Guide — Certbot 3.2.0.dev0 documentation
i also think this might be happeing because of wrong configuration of static ip, this was my first time doing this bc i was my whole life doing this on hetzner
If it's a home connection with a router in front of the machine, you may need to set up port forwarding on the router. Did you do that? The address in your log (http://panel.mcbest.pl/) doesn't seem to be accessible from the internet.
WAN port 80-80
LAN port 80-80
LAN IP - the IP assigned to the server in the local network
The rest is not important I think.
and then the same for port 443, for HTTPS.
It would probably be a good idea to also configure a static IP address to the machine in local network, otherwise it may assign it a different one after a restart or over time.
OK, that's good. You may also want to configure this IP to be static in the router config, so it doesn't assign this IP to some other device if the server is not online.
maks@maks-B550M-AORUS-ELITE:~$ sudo certbot certonly --standalone -d panel.mcbest.pl
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for panel.mcbest.pl
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: panel.mcbest.pl
Type: connection
Detail: 94.254.163.7: Fetching http://panel.mcbest.pl/.well-known/acme-challenge/N3IkIBYwhy1do8c8nvIlBxYQLmCk3cu_iVfoOvCdJiI: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
