I think my IP Address is blocked

sam5881 · December 12, 2022, 10:10pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
wave-alchemy.fifteen.dev

I ran this command:
curl -Ii https://acme-v02.api.letsencrypt.org/acme/new-acct

It produced this output:
ERROR: Problem connecting to server (post for https://acme-v02.api.letsencrypt.org/acme/new-acct; curl returned with 35)

My web server is (include version):
nginx 1.20.1

The operating system my web server runs on is (include version):
Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-135-generic x86_64)

My hosting provider, if applicable, is:
Digital Ocean

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

rg305 · December 12, 2022, 10:26pm

Hi @sam5881, and welcome to the LE community forum

It might be blocked.
You should include the IP address in question.

Also, does your system have IPv4, or IPv6, or both?
If both, please retry the curl with -4 and then with -6.

Is there any type of SSL inspection device along the way?

Are you behind the Great Firewall of China? [not likely]

Bruce5051 · December 12, 2022, 10:41pm

I do not believe it is blocked. Using this online tool Let's Debug yields these results https://letsdebug.net/wave-alchemy.fifteen.dev/1298834 for HTTP-01 Challenge.

Also:

$ nmap wave-alchemy.fifteen.dev
Starting Nmap 7.91 ( https://nmap.org ) at 2022-12-12 14:38 PST
Nmap scan report for wave-alchemy.fifteen.dev (46.101.82.115)
Host is up (0.15s latency).
Not shown: 997 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 11.00 seconds

sam5881 · December 12, 2022, 10:45pm

Hi @rg305

IPV4 46.101.82.115

Same result with curl -4

No SSL Inspection

In a London based data centre.

MikeMcQ · December 12, 2022, 10:51pm

What do these show?

curl -I https://google.com

curl -I https://cloudflare.com

rg305 · December 12, 2022, 10:55pm

I do show some bad stuff from that IP about a year ago.
I'm not alone on that:
MultiRBL.valli.org - Results of the query 46.101.82.115
How long have you had that IP?

mcpherrinm · December 13, 2022, 1:35am

This IP is not blocked

rg305 · December 13, 2022, 3:19am

What shows?:
traceroute -4 -n -T -p 443 acme-v02.api.letsencrypt.org

sam5881 · December 13, 2022, 9:44am

my service provider came back with:

It looks like Let's Encrypt had a certificate error in the last 12 hours that's now corrected

Certificate installed without issue this morning

Thank you everyone for your help.

Osiris · December 13, 2022, 1:28pm

I'm more thinking "You had a routing error or perhaps a Man in the Middle attack and the certificate error saved you from leaking information" than that Let's Encrypt had a certificate issue. If the latter would be the case, this Community would have much more threads regarding this issue than this single one

rg305 · December 13, 2022, 7:43pm

Well, that's a huge pile of ... nonsense!
I think the moon was out of alignment too.
If that's how they typically respond, then I wouldn't trust them much.

system · January 12, 2023, 7:44pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.