Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: nextcloud.independencenetwork.id
I ran this command: certbot renew --dry-run
It produced this output:
root@IDP: # certbot renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Failed to renew certificate nextcloud.independencenetwork.id with error: Requesting acme-staging-v02.api.letsencrypt.org/directory: No route to host
My web server is (include version): NGINX 1.22.1
The operating system my web server runs on is (include version):
root@IDP:/usr/ports/security/py-certbot-apache # cat /etc/os-release
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
"No route to host" is typically a regular networking issue. When Let's Encrypt blocks an IP, a different message is usually seen.
Can you post a traceroute to
So, it worked previously.
What has changed since the last cert issuance?
--- ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 34.494/35.532/36.692/0.901 ms
root@IDP:/usr/ports/security/py-certbot-nginx # traceroute acme-v02.api.letsencrypt.org
traceroute to ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com (126.96.36.199), 64 hops max, 40 byte packets
1 192.168.9.1 (192.168.9.1) 0.404 ms 0.404 ms 0.400 ms
2 188.8.131.52 (184.108.40.206) 7.554 ms 3.838 ms 2.910 ms
3 220.127.116.11 (18.104.22.168) 8.113 ms 1.264 ms 1.626 ms
4 * * *
5 22.214.171.124 (126.96.36.199) 24.795 ms 20.162 ms 27.880 ms
6 188.8.131.52 (184.108.40.206) 19.128 ms 31.990 ms 23.542 ms
7 220.127.116.11 (18.104.22.168) 19.796 ms 26.390 ms 29.259 ms
8 22.214.171.124 (126.96.36.199) 27.240 ms 37.647 ms 20.804 ms
9 * * *
10 * * *
11 * * *
but, i can ping
root@IDP:/usr/ports/security/py-certbot-nginx # ping acme-v02.api.letsencrypt.org
PING ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com (188.8.131.52): 56 databytes
64 bytes from 184.108.40.206: icmp_seq=0 ttl=55 time=2.233 ms
64 bytes from 220.127.116.11: icmp_seq=1 ttl=55 time=6.563 ms
64 bytes from 18.104.22.168: icmp_seq=2 ttl=55 time=4.122 ms
64 bytes from 22.214.171.124: icmp_seq=3 ttl=55 time=2.240 ms
64 bytes from 126.96.36.199: icmp_seq=4 ttl=55 time=2.301 ms
64 bytes from 188.8.131.52: icmp_seq=5 ttl=55 time=6.444 ms
64 bytes from 184.108.40.206: icmp_seq=6 ttl=55 time=12.078 ms
64 bytes from 220.127.116.11: icmp_seq=7 ttl=55 time=1.512 ms
64 bytes from 18.104.22.168: icmp_seq=8 ttl=55 time=17.309 ms
i just fresh install since January, and put auto renew at cron. But the cert can't renew
traceroute -T -p 443 acme-v02.api.letsencrypt.org
traceroute -T -p 443 acme-staging-v02.api.letsencrypt.org
"Let's encrypt blocked my IP, Please allowed it"
I really do not believe Let's Encrypt is blocking your IP Address; using the online tool Let's Debug and using the HTTP-01 challenge of the Challenge Types - Let's Encrypt yields https://letsdebug.net/nextcloud.independencenetwork.id/1472591
No issues were found with nextcloud.independencenetwork.id. If you are having problems with creating an SSL certificate, please visit the Let's Encrypt Community forums and post a question there.
Which demonstrates your IP Address is very likely not being blocked by Let's Encrypt.
I guess the solution
was to switch to ZeroSSL.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.