Internal error while creating SSL Certificate at nginx

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-13" --agree-tos --authenticator webroot --email "engg.ayman@gmail.com" --preferred-challenges "dns,http" --domains "http://elashri.duckdns[.]org"
Requested name http://elashri.duckdns[.]org appears to be a URL, not a FQDN. Try again without the leading "http://".
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-kfnnkfcj/log or re-run Certbot with -v for more details.

at ChildProcess.exithandler (node:child_process:422:12)
at ChildProcess.emit (node:events:517:28)
at maybeClose (node:internal/child_process:1098:16)
at Socket.<anonymous> (node:internal/child_process:450:11)
at Socket.emit (node:events:517:28)
at Pipe.<anonymous> (node:net:350:12)

Hello @aymanelashri, welcome to the Let's Encrypt community.

Did you try as suggested removing the http://?


Yes, I've tried to remove http, however I am still facing the same issue.

Hello @aymanelashri,

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Thank you for assisting us in helping YOU!


@aymanelashri please show exact errors and share the logs.


@aymanelashri using the online tool Let's Debug yields these results https://letsdebug.net/elashri.duckdns.org/1870596

ANotWorking
ERROR
elashri.duckdns.org has an A (IPv4) record (2.50.196.92) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
A timeout was experienced while communicating with elashri.duckdns.org/2.50.196.92: Get "http://elashri.duckdns.org/.well-known/acme-challenge/letsdebug-test": context deadline exceeded

Trace:
@0ms: Making a request to http://elashri.duckdns.org/.well-known/acme-challenge/letsdebug-test (using initial IP 2.50.196.92)
@0ms: Dialing 2.50.196.92
@10000ms: Experienced error: context deadline exceeded
IssueFromLetsEncrypt
ERROR
A test authorization for elashri.duckdns.org to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
2.50.196.92: Fetching http://elashri.duckdns.org/.well-known/acme-challenge/Cx8XDJQLjktq_T8velYxplUoTzGo3amiOiOZl2_7LDI: Timeout during connect (likely firewall problem)

Especially note the "Timeout during connect (likely firewall problem)".

Using nmap shows both ports 80 & 443 are being filtered (i.e. therefore blocked).

$ nmap -Pn -p80,443 elashri.duckdns.org
Starting Nmap 7.80 ( https://nmap.org ) at 2024-04-13 00:50 UTC
Nmap scan report for elashri.duckdns.org (2.50.196.92)
Host is up.
rDNS record for 2.50.196.92: bba-2-50-196-92.alshamil.net.ae

PORT    STATE    SERVICE
80/tcp  filtered http
443/tcp filtered https

Nmap done: 1 IP address (1 host up) scanned in 3.17 seconds

Best Practice - Keep Port 80 Open

The HTTP-01 challenge of the Challenge Types - Let's Encrypt states "The HTTP-01 challenge can only be done on port 80."

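A pre-flight check covering the two failures seen in this thread, as an added example (not part of any post above, and not Certbot or Nginx Proxy Manager code): it reduces a URL-style entry to the bare hostname Certbot expects and classifies port 80 as open, closed or filtered. The names `to_fqdn`, `port_state` and `preflight` are hypothetical, and the port check is meant to be run against your own domain from a machine outside the server's network.

```python
import re
import socket
from urllib.parse import urlsplit

# One DNS label: 1-63 letters, digits or hyphens, no leading/trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def to_fqdn(requested: str) -> str:
    """Reduce what was typed in the domain field to a bare hostname, or raise."""
    name = requested.strip()
    if "://" in name:
        name = urlsplit(name).hostname or ""  # URL given: keep the host only
    else:
        name = name.split("/", 1)[0]          # drop a trailing path or slash
    name = name.rstrip(".").lower()
    labels = name.split(".")
    if len(name) > 253 or len(labels) < 2 or not all(_LABEL.match(x) for x in labels):
        raise ValueError(f"not a usable FQDN: {requested!r}")
    return name


def port_state(host: str, port: int = 80, timeout: float = 5.0) -> str:
    """Classify a TCP port with the same words nmap uses in the scan above."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed
    except ConnectionRefusedError:
        return "closed"          # host answered with a reset
    except (socket.timeout, TimeoutError):
        return "filtered"        # no answer at all, typically a firewall
    except OSError as exc:
        return f"error: {exc}"   # DNS failure, no route, ...


def preflight(requested: str) -> dict:
    """HTTP-01 is validated on port 80 only, so that is the port to test."""
    host = to_fqdn(requested)
    return {"domain": host, "port80": port_state(host, 80)}


if __name__ == "__main__":
    # Constructed input: example.com stands in for your own domain.
    print(preflight("http://example.com"))
```

A result of `filtered` on port 80 corresponds to the "Timeout during connect (likely firewall problem)" message quoted above.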