I was following the Upcloud guide and I was using the apache method because I am running an apache web server. https://www.upcloud.com/support/install-lets-encrypt-apache/ do it must have been using the default verification method. I was running the command on the server with the public address.
It looks like I can’t upload the log file because I am a “a new user”. I will paste the part that seems relevant.
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1504
Link: https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next"
Replay-Nonce: d1-5YZo7KgQYqQtABdcEsYUuCpADL4l4L0iZmyGGhLI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 30 Nov 2017 18:29:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 30 Nov 2017 18:29:25 GMT
Connection: keep-alive
{
“identifier”: {
“type”: “dns”,
“value”: “cyanpages.info”
},
“status”: “invalid”,
“expires”: “2017-12-07T18:29:13Z”,
“challenges”: [
{
“type”: “dns-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/s6DbhOty8cky5zoqKF9kIeOPgm-czpbqkEncUsBdFZo/2606376914”,
“token”: “pUOGjUOnyM6i82tNNmbUCUk2vFYgiDEU4ulzMdrwLAo”
},
{
“type”: “http-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/s6DbhOty8cky5zoqKF9kIeOPgm-czpbqkEncUsBdFZo/2606376918”,
“token”: “XYtFc9bMglROrBSVG9XDQedI8xgqts0Fkh1sAPR3HBM”
},
{
“type”: “tls-sni-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:connection”,
“detail”: “Timeout”,
“status”: 400
},
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/s6DbhOty8cky5zoqKF9kIeOPgm-czpbqkEncUsBdFZo/2606376919”,
“token”: “YrLD66TUSXBViQPIq5lmq8ioEasxQXs7oec38GolVSg”,
“keyAuthorization”: “YrLD66TUSXBViQPIq5lmq8ioEasxQXs7oec38GolVSg.WW-_Q-C95z2AuzlX-yVwDgxdBYR55WPvGqNTft-INsI”,
“validationRecord”: [
{
“hostname”: “cyanpages.info”,
“port”: “443”,
“addressesResolved”: [
“162.255.119.156”
],
“addressUsed”: “162.255.119.156”,
“addressesTried”: []
}
]
}
],
“combinations”: [
[
1
],
[
2
],
[
0
]
]
}
2017-11-30 18:29:25,405:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: cyanpages.info
Type: connection
Detail: Timeout
Domain: www.cyanpages.info
Type: connection
Detail: Timeout
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you’re using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2017-11-30 18:29:25,405:INFO:certbot.auth_handler:Cleaning up challenges
2017-11-30 18:29:25,714:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/letsencrypt”, line 11, in
load_entry_point(‘certbot==0.10.2’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 849, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 575, in run
action, lineage = _auth_from_available(le_client, config, domains, certname)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 107, in _auth_from_available
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File “/usr/lib/python2.7/dist-packages/certbot/client.py”, line 291, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File “/usr/lib/python2.7/dist-packages/certbot/client.py”, line 262, in obtain_certificate
self.config.allow_subset_of_names)
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 77, in get_authorizations
self._respond(resp, best_effort)
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 134, in _respond
self._poll_challenges(chall_update, best_effort)
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 198, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. cyanpages.info (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Timeout, www.cyanpages.info (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Timeout