Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
noekis-pm.lknoe.at
I ran this command:
sudo certbot --standalone --config /path/to/config
It produced this output:
Timeout during connect (likely firewall problem)
My web server is (include version):
standalone (1.22.0)
The operating system my web server runs on is (include version):
CentOS 8
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
1.22.0
Further Information: When I issue the command curl -v noekis-pm.lknoe.at/.well-known/acme-challange
during the renewal process from another machine outside of my network, I receive the following response, which leads me to the consulsion that it's not a firewall issue; furthermore when I start my webserver, port 80 und 443 are reachable.
> GET /.well-known/acme-challange HTTP/1.1
> Host: noekis-pm.lknoe.at
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
* HTTP 1.0, assume close after body
< HTTP/1.0 404 Not Found
< Server: BaseHTTP/0.6 Python/3.8.10
< Date: Mon, 03 Jan 2022 07:07:55 GMT
< Content-type: text/html
<
I suspect that this issue exists because the IP adresses by which letsencypt tries to contact the server are blocked by our enterprise security team. In order to file a request to whitelist these IPs I need a list of them.
Is there any source of valid IP adresses available?
Thanks in advance for your help.