Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: sudo certbot certonly --standalone
It produced this output: Requesting a certificate for dfs2027.com An unexpected error occurred: requests.exceptions.ConnectionError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
My web server is (include version): I am using NPM
The operating system my web server runs on is (include version): Ubuntu 20.4lts
My hosting provider, if applicable, is: On prem
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 5.1.0
The error says it all... Your server refused the connection,
chkports.sh
Enter an IP address or domain name: dfs2027.com
Scanning 105.112.249.246 (dfs2027.com) for open ports 22, 80, and 443...
Nmap results for 105.112.249.246 (dfs2027.com):
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-11-14 08:46 PST
Nmap scan report for 105.112.249.246
Host is up (0.27s latency).
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
465/tcp closed smtps
587/tcp closed submission
993/tcp closed imaps
Certbot can't get you a cert without ports 80 and 443 being accessible from the internet.
open 80 and 443 and try again.
That is true but they tried using --standalone. Certbot will start a listener on port 80 which should avoid the "Closed" report from nmap.
There are better ways to test --standalone though.
But, before that, @Nabil_bamalli why are you using --standalone option with NPM? Doesn't NPM handle running Certbot itself? It usually configures Certbot so that it matches the configuration of the containers and the rest that it sets up.
