My IP has been banned. please Unban IP

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: piminoff.ru

I ran this command:
cerbot renew

It produced this output:


Processing /etc/letsencrypt/renewal/piminoff.ru.conf


Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Attempting to renew cert (piminoff.ru) from /etc/letsencrypt/renewal/piminoff.ru.conf produced an unexpected error: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])"))). Skipping.

My web server is (include version):
apache2, php
The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:45.140.167.94

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): ISPConfig 3

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0

"certificate verify failed" is not an error I associate with blocked IP addresses. It sounds more like your system doesn't have the ISRG Root X1 root certificate in its root certificate store.

4 Likes

I have debian 10.12 operating system installed.
Tell me how to install this certificate on the server?

You probably need to update the package ca-certificates.

4 Likes

And, @pimnik98, if that doesn't work you might try upgrading to the current snap version of certbot. Your 0.31 version is fairly old

5 Likes

Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20200601~deb10u2).
0 upgraded, 0 newly installed, 0 to remove and 8 not upgraded.