Let's Encrypt is not renewing

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: cafe.cbtec.com

I ran this command:

It produced this output:

My web server is (include version): Apache

The operating system my web server runs on is (include version): Windows Server 2019

My hosting provider, if applicable, is: DartPoints

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I have a site cafe.cbtec.com that is not updating the cert file. I have worked today trying to get the certificate updating again. I am not sure if I need to update my version of letsencrypt or if I need different servers. My server is a Windows 19 server and is a hosted VM. Certbot version is 6.0.18.0.

Thank you if you have time to point me in the right direction.

Hello @seattlebears, welcome to the Let's Encrypt community. :slightly_smiling_face:

Since you did not answer this question:

I am going to make an assumption that the HTTP-01 challenge (the most commonly used) of the Challenge Types - Let's Encrypt is being used, and it states:
"The HTTP-01 challenge can only be done on port 80."
Best Practice - Keep Port 80 Open

Using the online tool Let's Debug yields these results https://letsdebug.net/cafe.cbtec.com/2032133

ANotWorking
ERROR
cafe.cbtec.com has an A (IPv4) record (69.2.51.140) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
A timeout was experienced while communicating with cafe.cbtec.com/69.2.51.140: Get "http://cafe.cbtec.com/.well-known/acme-challenge/letsdebug-test": context deadline exceeded

Trace:
@0ms: Making a request to http://cafe.cbtec.com/.well-known/acme-challenge/letsdebug-test (using initial IP 69.2.51.140)
@0ms: Dialing 69.2.51.140
@10000ms: Experienced error: context deadline exceeded
IssueFromLetsEncrypt
ERROR
A test authorization for cafe.cbtec.com to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
69.2.51.140: Fetching https://cafe.cbtec.com/.well-known/acme-challenge/SKZ40hWZmuT3Y8RDkH9pspP9BkZfeHOIunFFZJqwqnM: received disallowed redirect status code

Using nmap from my Oregon, USA location I see

$ nmap -Pn -p80,443 cafe.cbtec.com
Starting Nmap 7.80 ( https://nmap.org ) at 2024-06-15 01:04 UTC
Nmap scan report for cafe.cbtec.com (69.2.51.140)
Host is up (0.074s latency).
rDNS record for 69.2.51.140: 140.51.venyu.com

PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 0.57 seconds

I believe there is geo blocking
http://www.site24x7.com/tools/public/t/results-1718413205834.html

Edit: and here too Permanent link to this check report

Please read these:


6.0.18.0 looks like https://certifytheweb.com/ version
@webprofusion your client I guess


Looks like it to me too.
Not certbot @seattlebears

Version 6.0.18 Release Notes SHA256

:@(


So it looks like you've been managing to get your certs up until recently, this just looks like geoblocking. I can't access your site from Australia but it works from other locations, so you're probably blocking one of the other countries Let's Encrypt uses.

Remove the geoblocking from your firewall and allow incoming http (TCP port 80) or allow all http /.well-known/acme-challenge requests if you have a sophisticated enough firewall to specifically allow that.

Your web server is IIS, not apache.

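As an added example, not part of this thread or of any Let's Encrypt tooling: a small Python probe that repeats the first hop of the checks above (resolve the A record, GET http://host/.well-known/acme-challenge/<token> over port 80 with a 10 s timeout, do not follow redirects) so it can be run from several regions and compared. The hostname `cafe.example`, the token and the timeout are assumed values; the redirect rule encodes only the restriction that Let's Encrypt follows redirects to http/https on ports 80/443.

```python
import socket
import urllib.error
import urllib.request
from urllib.parse import urlsplit

ACME_PREFIX = "/.well-known/acme-challenge/"
# Let's Encrypt only follows redirects to http/https on ports 80/443.
ALLOWED_REDIRECT_PORTS = {"http": 80, "https": 443}

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Do not follow redirects; the first hop's Location header is what we inspect."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None

def default_fetch(url, timeout):
    """GET url and return (status, location); connection errors propagate."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status, resp.headers.get("Location")
    except urllib.error.HTTPError as err:  # 3xx/4xx/5xx answers land here
        return err.code, err.headers.get("Location")

def redirect_is_allowed(location):
    """True if a validator would follow this redirect target."""
    parts = urlsplit(location)
    if parts.scheme not in ALLOWED_REDIRECT_PORTS:
        return False
    port = parts.port or ALLOWED_REDIRECT_PORTS[parts.scheme]
    return port in ALLOWED_REDIRECT_PORTS.values()

def probe_http01(host, token="reachability-test", timeout=10,
                 resolve=socket.gethostbyname, fetch=default_fetch):
    """Classify the first hop of an HTTP-01 check as (verdict, detail)."""
    url = f"http://{host}{ACME_PREFIX}{token}"  # assumed test token, like letsdebug-test
    try:
        ip = resolve(host)
    except socket.gaierror as err:
        return "no-a-record", str(err)
    try:
        status, location = fetch(url, timeout)
    except (socket.timeout, urllib.error.URLError) as err:
        reason = getattr(err, "reason", err)  # URLError wraps connect-phase errors
        if isinstance(reason, socket.timeout):
            return "timeout", f"{ip}: no answer on port 80 in {timeout}s (firewall/geoblock?)"
        return "unreachable", f"{ip}: {reason}"
    if 300 <= status < 400:
        ok = bool(location) and redirect_is_allowed(location)
        return ("redirect-ok" if ok else "redirect-bad"), f"{status} -> {location}"
    # A 404 for a made-up token is fine: it proves port 80 reaches the web server.
    return "reachable", f"{ip}: HTTP {status}"
```

A "timeout" verdict from one region and "reachable" from another is the geoblocking signature described in this thread; a "redirect-bad" verdict matches the "disallowed redirect" error Let's Debug reported.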

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.