NextCloud Help Let’s Encrypt, Raspberry Pi 4 B, 8gb RAM

My domain is:

I ran this command: sudo certbot --apache

It produced this output:


  • The following errors were reported by the server:

    Type: connection
    Detail: Fetching
    Timeout during connect (likely firewall problem)

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you're using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided."

I am a beginner when it comes to NextCloud and Linux. I ask for your indulgence. And please try to explain it simply and step by step. I use a windows 10 Pc.
What I have done so far:

  • Formatted hard disk to btrfs
  • Unblocked the ports 80 and 443 in the Unitymedia Connect Box.
  • Entered the IPV4 of the Raspberry in "My NO-IP
  • Entered the domain in NextCloud under "FreeDNS
  • Enabled SSH in NextCloud
  • Force HTTPS to "Active
  • But when I try to activate Let’s Encrypt the above mentioned error message appears. !!!!!
  • Also, I don't know why in the NextCloud Pi panel port 80 and 443 are shown as closed. !!!!

I use Kaspersky Total Security.

System Info´s:
NextCloudPi version v1.39.6
NextCloudPi image NextCloudPi_11-27-20
distribution Debian GNU/Linux 10 \n \l
automount yes
USB devices sda
datadir /media/myCloudDrive/ncdata
data in SD no
data filesystem btrfs
data disk usage 4.6G/932G
rootfs usage 2.3G/29G
swapfile /var/swap
dbdir /var/lib/mysql
Nextcloud check ok
Nextcloud version
HTTPD service up
PHP service up
MariaDB service up
Redis service up
HPB service down
Postfix service up
internet check ok
port check 80 closed
port check 443 closed
interface eth0
certificates none
NAT loopback no
uptime 2days

Hi @xxcuberxx2, welcome to the LE community forum :slight_smile:

This means port 80 (HTTP) is not reaching anything:

Please add some detail here:

To which internal IP?
What is the IP of the RPi?

[Win10 or RPi?]


This means port 80 (HTTP) is not reaching anything:

Please add some detail here:

  • The only error message I get in the NextCloud Pi panel is the one above. This is all the information that is given as an error.
  • Or what information do they need ?

To which internal IP?

  • For this IPv6 address: 2a02:908:4f1:36a0:5ea6:8b1c:d924:1433 / 128
    What is the IP of the RPi?
    IPv6: 2a02:908:4f1:36a0:5ea6:8b1c:d924:1433

Where? - Win 10
[Win10 or RPi?]

IPv6 has nothing to do with the cert request/renewal:


Win10 has nothing to do with the cert request/renewal.
[if the RPi is running certbot]

Let's focus on the inbound port 80 requests to IP
Where do those requests go?

1 Like

The IPv4: is my pc.
I changed the IPv4 address at "My No-IP" to "" at the beginning. But the IP address at "My No-IP" changes again and again to my PC.

You can't use RFC 1918 IPs as the Internet accessible address.
You must put the outside Internet IP and have the router/gateway forward that IP:port to your internal IP/system.

That means I have to enter the Ip of my Pc at "My No-Ip" and I have to enter the IP address of the Raspberry Pi at the "Port Release" in the router menu and release the ports 80 and 443 for this IP ? Did I understand this correctly ?
I am from Germany and have translated with a program, so I ask again if this understood correctly.

You must enter the Internet IP.

That sounds correct.
Inbound connections from the Internet for port 80 and 443 should reach your RPi.

On the subject of language translation:
I will sometimes try to check the translation by translating it twice.
Once (forward) to another language.
Then again (backwards) to my original language.
If it comes back sounding like what I originally said, then I use the translation.

So I have now entered the IPv4 I found in "cmd" and then "ipconfig", entered in "No-IP".
Honestly, I do not know how to reliably find the IP of the router. Every instruction on the Internet refers to a different IP, if I follow the instructions.

I have also enabled the port in Kaspersky under "Firewall".

And I have now entered the IPv6 from the Raspberry into the "port share" for port 80, 443. After that I restarted my PC and the Raspberry. But the ports are shown as Closed in NextCloud as well as in a "Port Sharing Test" in my mobile (LTE).

Which country are they from ?

That would only show the "internal" IP of your Windows system.
The IP required at "NO-IP" is the "external" one.

Again, you seem to be focused on the Windows PC.
You need to update the router.

"port share" on which device did you enter this on?

You should not have to restart anything.
And you continue to include the PC - which likely has nothing to do with your request to use the RPi on those two ports.

To get your external IP, simply web search "What is my IP?".
OR from the RPi:
curl -4
curl -6

1 Like

Thank you very much for your help !!!
It was due to the setting of my Internet provider! I had DS-Lite Active. It had to be changed to Dual Stack !


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.