Unable to renew the certificate while adding a new subdomain (Error getting validation data)

I can read answers in English: yes

My domain name is: td-iconsult.fr (records: next.td-iconsult.fr and dmz.td-iconsult.fr)

I ran this command: certbot certonly --nginx

It produced this output:

[root@EBO-R-PROXY /]# certbot certonly --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?


1: dmz.td-iconsult.fr
2: next.td-iconsult.fr


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):


You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/next.td-iconsult.fr-0001.conf)

It contains these names: next.td-iconsult.fr

You requested these names for the new certificate: dmz.td-iconsult.fr,
next.td-iconsult.fr.

Do you want to expand and replace this existing certificate with the new
certificate?


(E)xpand/(C)ancel: E
Renewing an existing certificate for dmz.td-iconsult.fr and next.td-iconsult.fr

Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: dmz.td-iconsult.fr
Type: connection
Detail: 95.140.6.153: Fetching http://dmz.td-iconsult.fr/.well-known/acme-challenge/hLB6bon0zGgwV8Ygs0TSdwiqbelmGNrVphwcrqYfqBA: Error getting validation data

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): nginx 1.21.6

The operating system my web server runs on is (include version): CentOS Stream 9

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

To use http validation, TCP port 80 must be open (and with no geographic filters etc) to allow http traffic to your server.

5 Likes

I was just being stupid and port 80 was not open on my vm's firewall... Thanks @webprofusion

3 Likes
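An added example (not part of the thread and not Certbot's own code): a small probe that classifies TCP port 80 on the server, which is the precondition for HTTP validation named in the answer above. The function name `probe_port`, the result labels and the hint texts are assumptions of this example; run it from a machine outside the server's network, since the CA connects from the internet.

```python
import errno
import socket
import sys

# Hint texts are this example's wording, not Certbot or Let's Encrypt output.
HINTS = {
    "open": "TCP handshake completed; the port is reachable from this vantage point.",
    "refused": "Host answered with RST: nothing listens on the port, or a firewall rejects with tcp-reset.",
    "filtered": "No answer before the timeout: packets are probably dropped by a firewall or security group.",
    "unreachable": "ICMP unreachable/prohibited or no route: a rejecting firewall or a routing problem.",
    "dns-failure": "The name did not resolve; check the A/AAAA records first.",
}


def probe_port(host, port=80, timeout=5.0):
    """Attempt one TCP connection and return a key of HINTS."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:
        return "dns-failure"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError as exc:
        # "No route to host" is what a client sees when a firewall rejects
        # with an ICMP prohibited message instead of silently dropping.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise


if __name__ == "__main__":
    # A probe run on the server itself bypasses the perimeter firewall and
    # says nothing about what the CA can reach, so pass the public name.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    state = probe_port(target, 80)
    print(f"{target}:80 -> {state}: {HINTS[state]}")
```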