Hello there,
I have a Beijing AWS EC2 server (standard Apache AMI).
A couple of months ago, we needed to set up a micro AWS EC2 instance in the NINGXIA region and set it up as a reverse proxy pointing to the BEIJING server to compensate for the congestion in peak hours.
Speed has increased drastically as a result.
However, I wanted to renew our SSL due to expire in a few days and realized the usual certbot renew does not work anymore.
It now produces this output when typing certbot renew on the BEIJING server:
Attempting to renew cert (www.domain.com) from /etc/letsencrypt/renewal/www.domain.com.conf produced an unexpected error:
Failed authorization www.domain.com (http-01): urn:ietf:params:acme:error:connection ::
The server could not connect to the client to verify the domain ::
www.domain.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.domain.com/.well-known/acme-challenge/aKnEwaTH0d07hlEHwhKl4JIrIvNdzc5pTvEfaNQUPVM: Connection refused. Skipping.
I can login to a root shell on my machine (yes or no, or I don’t know): YES
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0
NINGXIA SERVER - Nginx settings
events {
    use epoll;
    worker_connections 4096;
}
stream {
    server {
        listen 443;
        proxy_connect_timeout 10s;
        proxy_timeout 300s;
        proxy_pass BEIJING_SERVER_IP:443;
    }
    server {
        listen 3008;
        proxy_connect_timeout 10s;
        proxy_timeout 300s;
        proxy_pass BEIJING_SERVER_IP:3008;
    }
}
I’m guessing I need to update the NINGXIA Nginx settings but have no idea what to do.
Cheers,
Orion
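
Added example (not part of the original post and not the poster's own configuration): the http-01 fetch in the error above goes to port 80 of www.domain.com, while the NINGXIA stream block listens only on 443 and 3008, which matches the "Connection refused". Assuming www.domain.com resolves to the NINGXIA proxy and Apache on the BEIJING server answers on port 80, a port-80 pass-through beside the existing listeners lets the validation request reach the machine where certbot runs.

```nginx
events {
    use epoll;
    worker_connections 4096;
}

stream {
    # Added listener: forwards plain HTTP so the ACME http-01 request for
    # /.well-known/acme-challenge/<token> reaches the BEIJING server.
    # Assumption: Apache on BEIJING accepts connections on port 80.
    # Note: no http{} server on this host may also bind port 80.
    server {
        listen 80;
        proxy_connect_timeout 10s;
        proxy_timeout 300s;
        proxy_pass BEIJING_SERVER_IP:80;
    }

    # Existing TLS pass-through, unchanged from the post.
    server {
        listen 443;
        proxy_connect_timeout 10s;
        proxy_timeout 300s;
        proxy_pass BEIJING_SERVER_IP:443;
    }

    # Existing port 3008 pass-through, unchanged from the post.
    server {
        listen 3008;
        proxy_connect_timeout 10s;
        proxy_timeout 300s;
        proxy_pass BEIJING_SERVER_IP:3008;
    }
}
```

Port 80 also has to be allowed inbound in the NINGXIA instance's security group and from NINGXIA to BEIJING. Running `nginx -t` before reloading checks the file, and `certbot renew --dry-run` on BEIJING tests the challenge path without issuing a certificate.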