Good afternoon.Certificate requests do not pass from my server. Support for ISP managers say that my IP address is blacklisted. I fixed it and now on the site https://whatismyipaddress.com/blacklist-check (my ip 148.251.90.228) it is on the green list.Can you help me with this problem?
LOG:https://acme-v02.api.letsencrypt.org/directory
PINGacme-v02.api.letsencrypt.org ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com (172.65.32.248) 56(84) bytes of data.ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com ping statistics —
My domain is: pittools.ru
I ran this command:
It produced this output:
My web server is (include version): APACHE FAST SGI
The operating system my web server runs on is (include version):CentOS-76-64-minimal
My hosting provider, if applicable, is: HETZNER.DE
I can login to a root shell on my machine (yes or no, or I don’t know): YES, I AM ROOT user
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
Hi,
What’s the output of the command curl https://acme-v02.api.letsencrypt.org/directory?
P.S. If this is really a blacklist issue, you might need to contact CloudFlare since they are the IP’s origin (and might blocked your IP)
Thank you
stevenzhu:
What’s the output of the command curl https://acme-v02.api.letsencrypt.org/directory ?
P.S. If this is really a blacklist issue, you might need to contact CloudFlare since they are the IP’s origin (and might blocked your IP)
Thank you
curl: (7) Failed connect to acme-v02.api.letsencrypt.org:443 ; Operation now in progress
I created a topic on cloudfare and as a result they sent me back to you, see the information that we discussed with them.
Complete!
[root@CentOS-76-64-minimal ~]# traceroute acme-v02.api.letsencrypt.org acme-v02.api.letsencrypt.org (172.65.32.248), 30 hops max, 60 byte packetsstatic.161.90.251.148.clients.your-server.de (148.251.90.161) 1.988 ms 1.984 ms 2.003 mscore24.fsn1.hetzner.com (213.239.229.13) 0.993 ms 0.299 ms core23.fsn1.hetzner.com (213.239.229.9) 0.302 mscore1.fra.hetzner.com (213.239.203.153) 4.891 ms core0.fra.hetzner.com (213.239.252.37) 5.098 ms core5.fra.hetzner.com (213.239.224.250) 5.860 mscore9.fra.hetzner.com (213.239.252.18) 5.270 ms core9.fra.hetzner.com (213.239.224.174) 5.058 ms 5.065 ms
Hi @vovafrost2020
reduce your MTU. May be that's 1500, reduce it to 1300 or 1100.
Doesn't look like a Letsencrypt block (and I don't think Letsencrypt blocks ip addresses).
Should look like
D:\temp>tracert -4 acme-v02.api.letsencrypt.org
1 <1 ms <1 ms <1 ms fritz.box [192.168.0.1]lag-10.edge4.Berlin1.Level3.net [4.68.73.5]ae-2-3602.edge3.Berlin1.Level3.net [4.69.159.5]unknown.Level3.net [212.162.40.34]
in hetzner network all ok
root@CentOS-76-64-minimal ~]# mtr -n -r -c 100 acme-v02.api.letsencrypt.org
There is nothing ok.
Should look like
D:\temp>tracert -6 acme-v02.api.letsencrypt.org
1 <1 ms <1 ms <1 ms fritz.box [2003:e9:ef3f:6700:f2b0:14ff:fe0e:fe2c]cloudflare-ic-314537-hbg-b1.c.telia.net [2001:2000:3080:e70::2]
via ipv6.
There is a blocking instance you have to find.
system
April 19, 2020, 9:48am
8
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
20:b 0.0% 100 0.5 0.5 0.2 3.1 0.4