Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: sudo ./bitwarden.sh updatecert
It produced this output:
_ _ _ _
| |__ (_) |___ ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V V / (_| | | | (_| | __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_|
Open source password management solutions
Copyright 2015-2021, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 1.39.4
Docker version 20.10.7, build f0df350
docker-compose version 1.28.5, build c4eb3a1f
Pulling mssql ... done
Pulling web ... done
Pulling attachments ... done
Pulling api ... done
Pulling identity ... done
Pulling sso ... done
Pulling admin ... done
Pulling portal ... done
Pulling icons ... done
Pulling notifications ... done
Pulling events ... done
Pulling nginx ... done
Using default tag: latest
latest: Pulling from certbot/certbot
Digest: (not sure if this should be private but im going to snip it just in case)
Status: Image is up to date for certbot/certbot:latest
docker.io/certbot/certbot:latest
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/pandanet.mynetgear.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Renewing an existing certificate for pandanet.mynetgear.com
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: pandanet.mynetgear.com
Type: connection
Detail: Fetching http://pandanet.mynetgear.com/.well-known/acme-challenge/rql-rpfrcURjQvdbrBgVOSCj_3EuUiiWbOX9cPBnEJI: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority couldn't exterally verify that the standalone plugin completed the required http-01 challenges. Ensure the plugin is configured correctly and that the changes it makes are accessible from the internet.
Saving debug log to /etc/letsencrypt/logs/letsencrypt.log
Failed to renew certificate pandanet.mynetgear.com with error: Some challenges have failed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/pandanet.mynetgear.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /etc/letsencrypt/logs/letsencrypt.log or re-run Certbot with -v for more details.
vowals@PandaServer:~$
The operating system my web server runs on is (include version):Ubuntu 20.04.2
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): whatever bitwarden is using but it claims to be latest
For some context, I noticed that I was getting SSL errors when trying to use bitwarden and so I tried to renew the cert, and I'm getting an error. Any help is much appreciated. I can put the logs in here too I was just worried sensitive info might be in it. Let me know if it's safe to post here. I censored the Digest because it looked like something that was sensitive info but I can post it back if it is important. Also, I already have port 80 allowed on UFW so I don't think it's a firewall issue.
Well, maybe it's bigger than just port 80, because while I can ping your IP address 72.219.177.131, I can't connect to port 80, nor port 443. Or any other regular port for that matter.
Port mapping is just port forwarding, right? If so I have them set to open so idk why they would be closed. Could the reason why it's closed be because nothing is using the port rn? Whenever I try to start bitwarden it hangs:
Also after attempting to reinstall bitwarden this happend:
vowals@PandaServer:~$ sudo ./bitwarden.sh install
_ _ _ _
| |__ (_) |___ ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V V / (_| | | | (_| | __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_|
Open source password management solutions
Copyright 2015-2021, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 1.39.4
Docker version 20.10.7, build f0df350
docker-compose version 1.28.5, build c4eb3a1f
(!) Enter the domain name for your Bitwarden instance (ex. bitwarden.example.com): pandanet.mynetgear.com
(!) Do you want to use Let's Encrypt to generate a free SSL certificate? (y/n): y
(!) Enter your email address (Let's Encrypt will send you certificate expiration reminders): -snip-
Using default tag: latest
latest: Pulling from certbot/certbot
Digest: sha256:1de29b86aa08f09b944b89dc74f1b3a4789b53eb7addeb2b29c276ec730a402f
Status: Image is up to date for certbot/certbot:latest
docker.io/certbot/certbot:latest
Saving debug log to /etc/letsencrypt/logs/letsencrypt.log
Account registered.
Requesting a certificate for pandanet.mynetgear.com
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: pandanet.mynetgear.com
Type: connection
Detail: Fetching http://pandanet.mynetgear.com/.well-known/acme-challenge/deXdOUuJ7m-tOzFtrgYKpznOgKskA28u3SK2kGChmlY: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority couldn't exterally verify that the standalone plugin completed the required http-01 challenges. Ensure the plugin is configured correctly and that the changes it makes are accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /etc/letsencrypt/logs/letsencrypt.log or re-run Certbot with -v for more details.
Is there a good way to find out what is? I've been messing around with Nmap, looking at my docker containers, and looking through all the applications open, and can't seem to find anything. Are there any programs or something that may help with the search?
