I think my server IP is blocked

I run a basic Bash shell that I use to help with my hosting support role. I set up Certbot for generating SSL certs, but it is no longer connecting to acme-v02.api.letsencrypt.org

curl: (7) Failed to connect to acme-v02.api.letsencrypt.org port 443: Connection timed out

My server IP is 66.84.14.220, has it been blocked? And if so, can I get the reason so I can investigate?

A connection timeout does not sound like any block from Let's Encrypt. I'm not sure what the error message would be if your IP address was blocked, but I'm preeeetty sure it's not a timeout. It helps debugging while Certbot is paused with the challenge(s) in place.

2 Likes

Can you connect to anything? Try

curl -I https://google.com

3 Likes

No issues connecting to any other hosts

Unable to ping host
Traceroute ends at Cloudflare-owned IP

172.69.206.2

For a traceroute to succeed you'd need to use e.g. the command:

sudo traceroute -T -p 443 acme-v02.api.letsencrypt.org

Otherwise it'll indeed end at the hop just before the destination. When I do a regular traceroute without any options, the last hop seen is hop nr 5. But with the above command, the traceroute doesn't show anything for hops 1 through 5, but hop 6 is suddenly the final destination and succeeds.

3 Likes

It ends at the same IP

1 s6.n8.n84.n66.static.myhostcenter.net (66.84.8.6) 0.097 ms 0.120 ms 0.047 ms
2 23-95-129-9-host.colocrossing.com (23.95.129.9) 0.917 ms 0.824 ms 0.917 ms
3 192-210-220-217-host.colocrossing.com (192.210.220.217) 0.919 ms 0.859 ms 1.032 ms
4 * 10.8.7.53 (10.8.7.53) 0.495 ms *
5 10.8.32.57 (10.8.32.57) 13.303 ms 10.8.5.217 (10.8.5.217) 0.546 ms 10.8.13.233 (10.8.13.233) 0.621 ms
6 * * *
7 be2617.rcr21.yhm01.atlas.cogentco.com (154.54.0.89) 2.052 ms 2.063 ms 1.986 ms
8 be2621.ccr31.yyz02.atlas.cogentco.com (154.54.40.77) 3.200 ms 3.365 ms 3.323 ms
9 38.88.240.186 (38.88.240.186) 14.303 ms 14.126 ms 13.981 ms
10 108.162.239.2 (108.162.239.2) 14.021 ms 13.919 ms 172.69.206.2 (172.69.206.2) 16.469 ms
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

This is the command that I use:

sudo certbot --manual --preferred-challenges dns certonly -d "*.$domain" -d "$domain"

Same command works on a local machine.

Can you get a response from curl?

curl https://acme-v02.api.letsencrypt.org/directory

5 Likes

curl: (7) Failed to connect to acme-v02.api.letsencrypt.org port 443: Connection timed out

Please confirm with:
curl ifconfig.io

3 Likes

[rconroy]:~ curl ifconfig.io
66.84.14.220

1 Like

66.84.14.220 is not blocked.

6 Likes

Okay, thanks for checking
Back to the drawing board :upside_down_face:

1 Like
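
The checks used in this thread, combined into one script as an added example (not posted by any participant): `last_responding_hop` summarises traceroute output, and `classify_curl` separates a connection that was never answered from one that was refused. The function names and the sample trace are constructed for illustration; the exit codes are curl's documented ones.

```shell
# Added example, not from the thread. The sample trace at the bottom is
# constructed and uses documentation address ranges.

# Print the last hop that answered, its address(es), and how many probed hops
# after it stayed silent. IPv4 only; reads traceroute output on stdin.
last_responding_hop() {
  awk '
    $1 ~ /^[0-9]+$/ {
      ips = ""
      for (i = 2; i <= NF; i++)
        if ($i ~ /^\([0-9.]+\)$/) {
          ip = substr($i, 2, length($i) - 2)
          # one hop can list several routers (load balancing); keep each once
          if (index(" " ips " ", " " ip " ") == 0)
            ips = ips (ips == "" ? "" : " ") ip
        }
      if (ips != "") { hop = $1; last = ips }
      total = $1
    }
    END {
      if (hop == "") print "none"
      else printf "%d %s silent_after=%d\n", hop, last, total - hop
    }'
}

# Turn a curl exit code plus its stderr text into a transport-level verdict.
classify_curl() {
  case "$1" in
    0)  echo reachable ;;
    6)  echo dns-failure ;;            # name did not resolve
    28) echo no-answer ;;              # curl's own timeout expired
    7)  case "$2" in                   # code 7 covers refused and timed out
          *refused*)     echo refused ;;
          *"timed out"*) echo no-answer ;;
          *)             echo connect-failed ;;
        esac ;;
    35|60) echo tls-failure ;;         # TCP worked, TLS or certificate did not
    *)  echo "other($1)" ;;
  esac
}

# Probe a URL, e.g.: probe https://acme-v02.api.letsencrypt.org/directory
probe() (
  err=$(curl -sS -o /dev/null --connect-timeout 10 "$1" 2>&1); rc=$?
  classify_curl "$rc" "$err"
)

SAMPLE_TRACE=' 9  198.51.100.9 (198.51.100.9)  14.3 ms  14.1 ms  13.9 ms
10  203.0.113.2 (203.0.113.2)  14.0 ms  13.9 ms  203.0.113.9 (203.0.113.9)  16.4 ms
11  * * *
12  * * *'
printf '%s\n' "$SAMPLE_TRACE" | last_responding_hop
```

Pipe the output of `sudo traceroute -T -p 443 acme-v02.api.letsencrypt.org` into `last_responding_hop` to see where replies stop. A `no-answer` verdict from `probe` means nothing came back for the connection attempt, while `refused` means something on the path actively rejected it.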
