Need help with tailscale and Certbot standalone for new cert

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.hornet.technology

I ran this command: "sudo certbot delete --cert-name your_certificate_name"
then, "sudo certbot certonly --standalone --preferred-challenges http -d www.hornet.technology"

It produced this output: "Detail: : Fetching http://www.hornet.technology/.well-known/acme-challenge/DCL95cQcf9xb5lSNnRMIigPUZq2ich8xhMsaiLFJdNQ: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details."

My web server is (include version): go 1.20.8

The operating system my web server runs on is (include version): ubuntu 22.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.6.0

Hi @mrdp, and welcome to the LE community forum :slight_smile:

Using --standalone is difficult to troubleshoot.
You must ensure that HTTP can reach your system.

Also, why did you first delete your certificate?

2 Likes

First, you should not delete any active cert before requesting another one.

To debug the comms problem, do this

sudo certbot certonly --standalone --debug-challenges --preferred-challenges http -d www.hornet.technology

That will pause and show you a URL

Try accessing that URL from outside your local network. Even use a mobile phone with wifi off to use the carrier's network.

Or, while still paused, post the URL here and we can check it.

3 Likes

It seems the cert was recently expired :frowning:
But I agree with you, deleting a cert doesn't fix anything [and usually makes matters worse].

1 Like

Yeah, to add background for benefit of other readers ...

There may be a service referring to those cert files which now don't exist. The service may now fail outright with missing files rather than just send an expired cert. Cert requests can fail for various reasons. It is even possible for Let's Encrypt to have a temporary outage.

3 Likes

I did not delete an active certificate; it was expired and I tried to renew the certificate but couldn't, so I deleted the old certificate.

"sudo certbot certonly --standalone --debug-challenges --preferred-challenges http -d www.hornet.technology
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for www.hornet.technology


Challenges loaded. Press continue to submit to CA.
Pass "-v" for more info about challenges.


Press Enter to Continue

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: www.hornet.technology
Type: connection
Detail: 157.245.22.254: Fetching http://www.hornet.technology/.well-known/acme-challenge/FwQGRmmv63HKygQ3xtVPix38_cv_hCQ-QI8t1uqwPv0: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details."

Got the same error again.

We mean "active" in different ways. While expired if your web service still referred to those file locations it is still active. A client will see an expired cert but will still be able to make a TLS connection (usually HTTPS).

Sorry, I forgot to include the `-v`, so please try below. But, when it says "Press continue to submit to CA." DO NOT press Enter to continue. Leave it paused and let us know the URL shown, or try the URL from outside your network.

sudo certbot certonly --standalone -v --debug-challenges --preferred-challenges http -d www.hornet.technology
3 Likes

Expiration doesn't deactivate a cert.
It merely makes it "unsafe to use" - but it can still be used.
When you delete it, it can no longer be used; And that can create unintended problems [elsewhere].

2 Likes

± sudo certbot certonly --standalone -v --debug-challenges --preferred-challenges http -d www.hornet.technology
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Requesting a certificate for www.hornet.technology
Performing the following challenges:
http-01 challenge for www.hornet.technology


Challenges loaded. Press continue to submit to CA.

The following URLs should be accessible from the internet and return the value
mentioned:

URL:
http://www.hornet.technology/.well-known/acme-challenge/y1PTWNViPqMriwcYvoyZmFwCDyQJRCDh6p9MSNux6aI
Expected value:
y1PTWNViPqMriwcYvoyZmFwCDyQJRCDh6p9MSNux6aI.Sc556KrbF2uAr8nBh3mzdbiHoWqg1aOoYmXGXmf7TuY


Press Enter to Continue

2 Likes

Good. With that left paused you can now try to reach that URL from outside your own network. I just tried it and timed out just like the Let's Encrypt error in your first post. So, we can reproduce the error.

So, it looks like a firewall may be blocking port 80. Or, your routing for that is not right.

Leave it paused like that while you try changes to your system to open that connection.

Just do a curl like below or even just paste the URL in a browser window. Just be sure to work from outside your own local network

curl -i -m10 http://www.hornet.technology/.well-known/acme-challenge/y1PTWNViPqMriwcYvoyZmFwCDyQJRCDh6p9MSNux6aI

Keep making changes until you don't get one of these :)
curl: (28) Connection timed out after 10000 milliseconds

If you have to restart Certbot it will give you a different URL, so of course use the one it shows instead of the above.

3 Likes
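The check the reply above describes (leave certbot paused, then fetch the challenge URL from outside your own network and compare the body with the expected value) can be scripted so the outcome is classified the same way the thread does: timeout, reset, wrong server, or a matching key authorization. The script below is an added example, not certbot's own code or anything from the original posts. It parses the "URL:" / "Expected value:" pair that `certbot --standalone -v --debug-challenges` prints, probes the URL with a ten-second timeout, and reports a diagnosis; the embedded certbot output is constructed to mirror the thread's format, and the token, thumbprint and hostname in it are placeholders. Run it from a machine that is not the server, for the reason given in the thread.

```python
"""Added example (not certbot's own code): parse the URL/expected-value pair
that `certbot --standalone -v --debug-challenges` prints, then probe that URL
from the current vantage point (run this off the server itself) and classify
what came back. Sample output and values below are constructed placeholders."""
import re
import socket
import urllib.error
import urllib.request

# Constructed sample of certbot's --debug-challenges output (placeholder values,
# laid out like the real output quoted in the thread).
SAMPLE_DEBUG_OUTPUT = """\
Challenges loaded. Press continue to submit to CA.

The following URLs should be accessible from the internet and return the value
mentioned:

URL:
http://www.example.com/.well-known/acme-challenge/TOKEN_PLACEHOLDER_0123456789
Expected value:
TOKEN_PLACEHOLDER_0123456789.THUMBPRINT_PLACEHOLDER_abcdefghij

Press Enter to Continue
"""

# The http-01 key authorization certbot serves is "<token>.<account key thumbprint>";
# the token is also the last path component of the challenge URL.
_PAIR_RE = re.compile(
    r"URL:\s*\n(?P<url>http://\S+/\.well-known/acme-challenge/(?P<token>[A-Za-z0-9_-]+))\s*\n"
    r"Expected value:\s*\n(?P<expected>[A-Za-z0-9_.-]+)"
)


def parse_debug_challenges(text):
    """Return a list of (url, token, expected_key_authorization) tuples."""
    return [(m.group("url"), m.group("token"), m.group("expected"))
            for m in _PAIR_RE.finditer(text)]


def classify(status, body, token, expected):
    """Map an HTTP result to the diagnosis the thread walks through.

    status is None when no HTTP response arrived; body then holds the error text."""
    if status is None:
        text = body.lower()
        if "timed out" in text:
            return "timeout: port 80 is not reachable from here (firewall or routing)"
        if "reset" in text:
            return "connection reset: something on the path answers port 80, but not certbot's listener"
        return f"connection error: {body}"
    if status != 200:
        return f"http {status}: another service is answering port 80 instead of certbot"
    got = body.strip()
    if got == expected:
        return "ok: body matches the expected key authorization"
    if got.startswith(token + "."):
        return "mismatch: right token but a different account thumbprint (stale certbot run?)"
    return "mismatch: a different server or a cached page answered"


def probe(url, token, expected, timeout=10):
    """Fetch the challenge URL with a short timeout and classify the outcome."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return classify(resp.status, resp.read().decode("utf-8", "replace"),
                            token, expected)
    except urllib.error.HTTPError as e:
        return classify(e.code, "", token, expected)
    except (urllib.error.URLError, socket.timeout, OSError) as e:
        return classify(None, str(e), token, expected)


if __name__ == "__main__":
    # Paste the real certbot output in place of SAMPLE_DEBUG_OUTPUT when using this.
    for url, token, expected in parse_debug_challenges(SAMPLE_DEBUG_OUTPUT):
        print(url)
        print(probe(url, token, expected))
```

The classifier deliberately distinguishes a timeout (nothing answers, the case in this thread) from a reset or a non-200 status (something else owns port 80), because the fixes differ: the first is a firewall or routing problem, the second means another service must release port 80 before the standalone listener can use it.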

I get nothing:

curl http://www.hornet.technology/.well-known/acme-challenge/y1PTWNViPqMriwcYvoyZmFwCDyQJRCDh6p9MSNux6aI
curl: (56) Recv failure: Connection reset by peer
1 Like

○ curl -i -m10 http://www.hornet.technology/.well-known/acme-challenge/y1PTWNViPqMriwcYvoyZmFwCDyQJRCDh6p9MSNux6aI
HTTP/1.0 200 OK
Server: BaseHTTP/0.6 Python/3.8.10
Date: Tue, 03 Oct 2023 15:54:01 GMT

y1PTWNViPqMriwcYvoyZmFwCDyQJRCDh6p9MSNux6aI.Sc556KrbF2uAr8nBh3mzdbiHoWqg1aOoYmXGXmf7TuY%

From where?
Where from?

2 Likes

after running that on my server

Your server is not a good testing location.
You need to access it from the Internet.
[that is where the problem lies]

2 Likes

Okay, I'll try it from my local device.

1 Like

What shows?
ufw status

[or whatever command for the FW that is in use]

2 Likes

curl http://www.hornet.technology/.well-known/acme-challenge/y1PTWNViPqMriwcYvoyZmFwCDyQJRCDh6p9MSNux6aI
curl: (28) Failed to connect to www.hornet.technology port 80 after 129683 ms: Connection timed out

1 Like

inactive