Let's debug ANotWorking/IssueFromLetsEncrypt error

When i run my domain on letsdebug.net i get this errors:

I have a record on cloudflare with my server's IPv4 and IPv6

Hi there @C4pture, welcome to the Let's Encrypt Community :wave:t2:

Is there a specific purpose or question for your thread? Or did you just want to show the errors?


When you opened this thread in the Help section, you should have been provided with a questionnaire. Maybe you didn't get it somehow (which is weird), or you've decided to delete it. In any case, all the answers to this questionnaire are required:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):


You need port 80 open for http-01 and it is closed now.

$ nmap -Pn -p80,443 tktkdownloader.top
Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-12 15:12 UTC
Nmap scan report for tktkdownloader.top (
Host is up (0.19s latency).
Other addresses for tktkdownloader.top (not scanned): 2a01:4f9:c011:7a4f::1
rDNS record for static.

80/tcp  closed http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 0.80 seconds

Firewall is not activated on my server yet, so i assume ports 80 and 443 are open right now

That means a lot if you can help me

That doesn't seem like the right assumption from what I saw.


@C4pture Please keep in mind that "closed" simply means no service is listening on that port, not a firewall issue.

Also, please see my first post earlier.


Map post 80 and 443 from your nat router to you web server


Ok @Osiris but the firewall was brought up by the op.
Just saying the ports they're closed.


Ah, true, OP said that, my apologies.


No problem.


ok i have 443 and 80 open right now but i have the same error
Screenshot 2023-07-12 202538

And what about the web server?
Is it configured to server on port 80 (and 443)?
Is that server running?


I only have this VPS configured and it's raw. i just enabled firewall with the ports i showed on the picture.
That's pretty much it

And what's your goal here? What do you want to achieve and to what ultimate end goal?


Please guide me if i have to do any more steps or send me a link to do the steps needed

I'm trying to get SSL for my domain (i'm running X-UI) and i have problem with it. it says on letsdebug that the DNS method is fine with no errors but i don't know how to do that one, so i'm trying to solve this issue

Let's Debug complains about the other challenges because those challenges require a webserver runningserving the challenge, and it's not finding any.

Some ACME clients like Certbot can spin up a temporary webserver just for the challenge, so a standalone webserver isn't required.


Oh, it's all clear now. thank you very much


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.