Let´s Encrypt on UNMS


#1

Let’s Encrypt was turned off because the previous attempt had failed.

Timestamp: Today at 12:38 pm
Error: Failed authorization procedure. administracion.interos.com.co (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://administracion.interos.com.co/.well-known/acme-challenge/jymJqoybEJ_BzP471aSIut8oHGtcX32CuSxB50e48QA: Timeout during connect (likely firewall problem)

other problem
Let’s Encrypt se apagó porque el intento anterior había fallado. Indicación de fecha: hoy a las 12:44 p.m. Error: se produjo un error inesperado: ConnectTimeout: HTTPSConnectionPool (host = ‘acme-v01.api.letsencrypt.org’, port = 443): Reintentos máximos excedidos con url: / directory (Causado por ConnectTimeoutError (<urllib3.connection.VerifiedHTTPSConnection object at 0x7fac005ec990>, 'Conexión a acme-v01.api.letsencrypt.org timed out. (connect timeout = 45) ')) Consulte los archivos de registro en / tmp para obtener más detalles.


#2

Hi @oscaradrian

you have already a wildcard-certificate (created today):

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:administracion.interos.com.co&lu=cert_search

https://transparencyreport.google.com/https/certificates/AH0huafE%2FERItko%2B1wIOQHP2N69VBU7fC4GNsoZETUU%3D

*.administracion.interos.com.co
administracion.interos.com.co

So you used dns-01 - validation and version 2. If you want to use http-01 and acme-v01.api, there must be a webserver Port 80 / http.


#3

Hi,

No port is opened on that server(ipv4 & ipv6)

Please at least open port 80 & 443 (optional) before actually trying to run certbot with http-01 challenges.

Thank you


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.