Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Your DNS has both A and AAAA records. Let's Encrypt will use the AAAA record for IPv6 if present. You can see the IPv6 address in your error message 2a02:4780:8:324:0:1d49:de64:1
I get different responses from the IPv4 and IPv6 addresses. You should ensure they both point to the right server. If your IPv6 address is correct we need to explore why you got a 404 error. So, let us know how you resolved your DNS records.
curl -I4 cxchatbot.basf.host (uses IPv4 address)
curl: (7) Failed to connect to cxchatbot.basf.host port 80 after 12 ms: Connection refused
curl -I6 cxchatbot.basf.host (uses IPv6)
HTTP/1.1 403 Forbidden
Keep-Alive: timeout=5, max=100
date: Mon, 01 Aug 2022 13:21:24 GMT
@rg305 @MikeMcQ Initially I used the application documentation, where they mention the commands for SSL using certbot. Then after 90 days my SSL expired, so I was trying to reinstall the certificate, so I removed nginx as well as certbot and started a fresh installation. But now it is showing the above error. Yes, the IP is correct.
And, the failure for IPv6 shows that is not working. You should remove the AAAA address from your DNS. That did not look like your server anyway, as a LiteSpeed server was responding on that address, which is closer to Apache than nginx.
That is one problem.
Another is you do not have port 80 open to your IPv4 address. Are you running in an AWS EC2 instance? Because that is where your IPv4 address points to. If so, you need to update your EC2 Security Group to allow port 80 and 443.
@MikeMcQ Yes, I am using EC2 and all the ports are open. Previously it was working fine. What I did was just a fresh installation of Certbot, to install a new certificate, because the earlier one had expired for this domain.
Would you please confirm the value? Because the IP in your public DNS does not have the needed ports open.
If you don't have an Elastic IP AWS may assign a new IP address if you restart your EC2 instance. I am trying to help you but it is difficult as your descriptions don't match what I see from the public internet.
rDNS record for 22.214.171.124: ec2-3-14-157-185.us-east-2.compute.amazonaws.com
PORT STATE SERVICE
22/tcp open ssh
3000/tcp open ppp
4000/tcp open remoteanything
5432/tcp open postgresql
I see you still have not removed the AAAA address. You should do that.
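The per-address-family check done with `curl -I4` / `curl -I6` in this thread, written as a script. This is an added example, not part of the original posts; the function names `probe` and `diagnose` and the result dictionary layout are assumptions made for illustration.

```python
import http.client
import socket
import sys

def probe(host, family, port=80, timeout=5):
    """HEAD / over one address family, like `curl -I4` / `curl -I6`."""
    try:
        infos = socket.getaddrinfo(host, port, family, socket.SOCK_STREAM)
    except socket.gaierror:
        return {"addr": None, "error": "no DNS record"}
    addr = infos[0][4][0]
    conn = http.client.HTTPConnection(addr, port, timeout=timeout)
    try:
        conn.request("HEAD", "/", headers={"Host": host})
        resp = conn.getresponse()
        return {"addr": addr, "status": resp.status,
                "server": resp.getheader("Server", "")}
    except (OSError, http.client.HTTPException) as exc:
        return {"addr": addr, "error": type(exc).__name__}
    finally:
        conn.close()

def diagnose(v4, v6):
    """Compare two probe() results and list what would break HTTP-01."""
    findings = []
    for name, r in (("IPv4", v4), ("IPv6", v6)):
        if r["addr"] is None:
            continue  # no record for this family, so it is never contacted
        if "error" in r:
            findings.append(
                f"{name} {r['addr']}: port 80 unreachable ({r['error']})")

    def sig(r):
        # Outcome fingerprint: either a failure or (status, Server header).
        return ("error",) if "error" in r else (r["status"], r["server"])

    if v4["addr"] and v6["addr"] and sig(v4) != sig(v6):
        findings.append("responses differ between IPv4 and IPv6; "
                        f"confirm AAAA {v6['addr']} is your server")
    return findings

if __name__ == "__main__":
    name = sys.argv[1]
    result = diagnose(probe(name, socket.AF_INET), probe(name, socket.AF_INET6))
    for line in result or ["no findings"]:
        print(line)
```

Run it with the domain name as the only argument before requesting the certificate; an empty result means both address families reach port 80 and answer the same way.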