Let's Encrypt Certificate

cb01 · May 9, 2024, 12:50pm

Had A SSL certificate, after few months it stopped working, tried to delete and create, install again the cetificate
and now I got this error:

My domain is: accheaven.com

I ran this command: Tried to reinstall Let's Encrypt Certificate

It produced this output:
1.A DNS record pointing to this server is required to issue a Let's Encrypt Certificate. and
2.api.accheaven.com: Domain could not be validated, error message: error type: urn:ietf:params:acme:error:connection, error detail: 153.92.1.104: Fetching http://api.accheaven.com/.well-known/acme-challenge/tvpxnc_UooJA_Mu-fX8xnKZvhvwX2CVdgAC5xs2qQcE: Error getting validation data

My web server is (include version): I don't know

The operating system my web server runs on is (include version): I don't know

My hosting provider, if applicable, is: hostinger

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I don't know

bruncsak · May 9, 2024, 1:17pm

@cb01 , welcome to the community!

The web server resets the connection:

tumbleweed:~ # curl -s -v 'http://api.accheaven.com/' > /dev/null
* Host api.accheaven.com:80 was resolved.
* IPv6: (none)
* IPv4: 153.92.1.104
*   Trying 153.92.1.104:80...
* Connected to api.accheaven.com (153.92.1.104) port 80
> GET / HTTP/1.1
> Host: api.accheaven.com
> User-Agent: curl/8.7.1
> Accept: */*
> 
* Request completely sent off
* Empty reply from server
* Closing connection
tumbleweed:~ #

Please check that the web server running for api.accheaven.com functions correctly.

Osiris · May 9, 2024, 1:42pm

Please don't remove questions from the questionnaire. It's required to answer all of them, even if you don't know the answer. In that case you should simply say so instead of removing the entire question. Here's the questionnaire again:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

cb01 · May 9, 2024, 2:42pm

Edited. Sorry for deleteting questionnaire

rg305 · May 9, 2024, 6:48pm

Ok, but what command did you run [after it was installed]?

Bruce5051 · May 9, 2024, 7:11pm

Using curl here is what I see

$ curl -i http://api.accheaven.com/.well-known/acme-challenge/sometestfile
curl: (52) Empty reply from server

Using nmap shows Ports 80 & 443 Open

$ nmap -Pn -p80,443 api.accheaven.com
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-05-09 12:11 PDT
Nmap scan report for api.accheaven.com (153.92.1.104)
Host is up (0.19s latency).

PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 0.67 seconds

And using the online tool Let's Debug yields these results https://letsdebug.net/api.accheaven.com/1940548

ANotWorking
ERROR
api.accheaven.com has an A (IPv4) record (153.92.1.104) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
Get "http://api.accheaven.com/.well-known/acme-challenge/letsdebug-test": EOF

Trace:
@0ms: Making a request to http://api.accheaven.com/.well-known/acme-challenge/letsdebug-test (using initial IP 153.92.1.104)
@0ms: Dialing 153.92.1.104
@74ms: Experienced error: EOF

IssueFromLetsEncrypt
ERROR
A test authorization for api.accheaven.com to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
153.92.1.104: Fetching http://api.accheaven.com/.well-known/acme-challenge/MrU3z-g8pyPez-H2T_EqOvTiCGgbWZXGoCAJAQSy99Q: Error getting validation data

Bruce5051 · May 9, 2024, 7:13pm

And here is a list of issued certificates crt.sh | api.accheaven.com, the latest being 2024-05-09.
It would seem that a certificate was issued recently for the domain name.

The certificate crt.sh | 13003454365 can be seen being severed here https://decoder.link/sslchecker/api.accheaven.com/443

Is this Help topic resolved @cb01?