Installation Error

#1

Hi everyone, I have tried to install let’s encrypt on my server, I have a connection that is controlled by proxy because it is a company this error is that I get it when I try sudo certbot --apache -d example.com
I get this error
An unexpected error occurred:
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/urllib3/connection.py”, line 138, in _new_conn
(self.host, self.port), self.timeout, **extra_kw)
File “/usr/lib/python3/dist-packages/urllib3/util/connection.py”, line 75, in create_connection
for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
File “/usr/lib/python3.5/socket.py”, line 733, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Temporary failure in name resolution

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 594, in urlopen
chunked=chunked)
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 350, in _make_request
self._validate_conn(conn)
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 837, in _validate_conn
conn.connect()
File “/usr/lib/python3/dist-packages/urllib3/connection.py”, line 281, in connect
conn = self._new_conn()
File “/usr/lib/python3/dist-packages/urllib3/connection.py”, line 147, in _new_conn
self, “Failed to establish a new connection: %s” % e)
requests.packages.urllib3.exceptions.NewConnectionError: <requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fc2384606a0>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 423, in send
timeout=timeout
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 643, in urlopen
_stacktrace=sys.exc_info()[2])
File “/usr/lib/python3/dist-packages/urllib3/util/retry.py”, line 363, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
requests.packages.urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host=‘acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(’<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fc2384606a0>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution’,))

During handling of the above exception, another exception occurred:

requests.exceptions.ConnectionError: HTTPSConnectionPool(host=‘acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(’<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fc2384606a0>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution’,))
Please see the logfiles in /var/log/letsencrypt for more details.

#2

Hi @Dhampir

your server can’t connect Letsencrypt.

Perhaps your dns settings are wrong or your installation is incomplete.

There is a template:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

#3

@JuergenAuer
If I know that my server does not have internet access, I already explained that my company is under a proxy, is there any configuration that allows me to connect to Let’s Encrypt through a proxy?

#4

What does that mean?

Your webserver needs outgoing access if you want to create a certificate.

And if you want to use http-01 validation, incoming access is required.

A certificate requires a public / unique domain name.

#5

@JuergenAuer
it’s simple, I do not have direct internet access, my connection is by proxy, my question is if it is possible to connect with Let’s Encrypt through a proxy, if so, what to configure?

#6

If you have a proxy, you have internet access via that proxy.

So I don’t understand the problem. Configure your system to use your proxy.

Or share more details.

#7

@JuergenAuer, I think @Dhampir might be thinking of a SOCKS proxy rather than a transparent proxy.

@Dhampir, the Certbot client that you’re using doesn’t have a configuration option to use a SOCKS proxy. It uses the Python Requests library for outbound connections; what I see at

http://docs.python-requests.org/en/master/user/advanced/

suggests that we would have to implement an additional feature to integrate Requests with a SOCKS proxy.

It’s possible that a different Let’s Encrypt client will work well with your proxy.

You could look at the documentation for some of the other clients to see whether they describe proxy support.

1 Like
closed #8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.