Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: itracklinks.com
I ran this command: certbot certonly --apache -d itracklinks.com -d www.itracklinks.com --dry-run
It produced this output:
Failed authorization procedure. www.itracklinks.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.itracklinks.com/.well-known/acme-challenge/tS1pPWcwd8rsKjOgMohiDyiU5bqi9F3liM7DDLdb81I: Connection refused, itracklinks.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://itracklinks.com/.well-known/acme-challenge/ZNB6owe4IrYlqAfz18UaBG6C_5YBmPTpmyZgGplsrHI: Connection refused
My web server is (include version): Apache 2.4
The operating system my web server runs on is (include version): AWS Linux 2 (current)
My hosting provider, if applicable, is: Amazon Web Services
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):n/a
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):certbot 0.29.1
We’ve just started using Certbot. No problems creating new certs, but now that renewals are due - they are all failing with connection refused errors similar to the message above. I setup this domain as a test. Issued a new cert, allowed certbot to setup all traffic https redirect in the .conf file - works fine. However, when I try a dry run on the renewal - I get the same error I’m getting on all my other certs when I run certbot renew.
I revoked, deleted, and re-installed the cert for this domain - same error.
I ran curl -v for all connections and it appears to be okay.
Any ideas why?