Let's encrypt blocked my IP, Please allowed it

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: nextcloud.independencenetwork.id

I ran this command: certbot renew --dry-run

It produced this output:
root@IDP: # certbot renew --dry-run

Saving debug log to /var/log/letsencrypt/letsencrypt.log



Failed to renew certificate nextcloud.independencenetwork.id with error: Requesting acme-staging-v02.api.letsencrypt.org/directory: No route to host

My web server is (include version): NGINX 1.22.1

The operating system my web server runs on is (include version):
root@IDP:/usr/ports/security/py-certbot-apache # cat /etc/os-release

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 2.2.0

"No route to host" is typically a regular networking issue. When Let's Encrypt blocks an IP, a different message is usually seen.

Can you post a traceroute to acme-v02.api.letsencrypt.org?


So, it worked previously.
What has changed since the last cert issuance?


--- ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 34.494/35.532/36.692/0.901 ms
root@IDP:/usr/ports/security/py-certbot-nginx # traceroute acme-v02.api.letsencrypt.org
traceroute to ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com (, 64 hops max, 40 byte packets
1 ( 0.404 ms 0.404 ms 0.400 ms
2 ( 7.554 ms 3.838 ms 2.910 ms
3 ( 8.113 ms 1.264 ms 1.626 ms
4 * * *
5 ( 24.795 ms 20.162 ms 27.880 ms
6 ( 19.128 ms 31.990 ms 23.542 ms
7 ( 19.796 ms 26.390 ms 29.259 ms
8 ( 27.240 ms 37.647 ms 20.804 ms
9 * * *
10 * * *
11 * * *

but, i can ping
root@IDP:/usr/ports/security/py-certbot-nginx # ping acme-v02.api.letsencrypt.org

PING ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com ( 56 databytes

64 bytes from icmp_seq=0 ttl=55 time=2.233 ms

64 bytes from icmp_seq=1 ttl=55 time=6.563 ms

64 bytes from icmp_seq=2 ttl=55 time=4.122 ms

64 bytes from icmp_seq=3 ttl=55 time=2.240 ms

64 bytes from icmp_seq=4 ttl=55 time=2.301 ms

64 bytes from icmp_seq=5 ttl=55 time=6.444 ms

64 bytes from icmp_seq=6 ttl=55 time=12.078 ms

64 bytes from icmp_seq=7 ttl=55 time=1.512 ms

64 bytes from icmp_seq=8 ttl=55 time=17.309 ms

1 Like

nothin, sir..

i just fresh install since January, and put auto renew at cron. But the cert can't renew

Show outputs:
traceroute -T -p 443 acme-v02.api.letsencrypt.org
traceroute -T -p 443 acme-staging-v02.api.letsencrypt.org


"Let's encrypt blocked my IP, Please allowed it"

I really do not believe Let's Encrypt is blocking your IP Address; using the online tool Let's Debug and using the HTTP-01 challenge of the Challenge Types - Let's Encrypt yields https://letsdebug.net/nextcloud.independencenetwork.id/1472591

All OK!

No issues were found with nextcloud.independencenetwork.id. If you are having problems with creating an SSL certificate, please visit the Let's Encrypt Community forums and post a question there.

Which demonstrates your IP Address is very likely not being blocked by Let's Encrypt.


I guess the solution was to switch to ZeroSSL.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.