Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: morgoth.jhmjcm.net
I ran this command: /usr/local/bin/certbot renew -q --post-hook "/usr/sbin/service dovecot restart"
It produced this output:
Attempting to renew cert (morgoth.jhmjcm.net) from /usr/local/etc/letsencrypt/renewal/morgoth.jhmjcm.net.conf produced an unexpected error: Requesting acme-v02.api.letsencrypt.org/directory: No route to host. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/usr/local/etc/letsencrypt/live/morgoth.jhmjcm.net/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
My web server is (include version): n/a (no web server on machine)
The operating system my web server runs on is (include version): FreeBSD 12.3-RELEASE-p9
My hosting provider, if applicable, is: n/a
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.5.0
Additional information:
angmar:~ jhm$ dig acme-v02.api.letsencrypt.org
; <<>> DiG 9.10.6 <<>> acme-v02.api.letsencrypt.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65393
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;acme-v02.api.letsencrypt.org. IN A
;; ANSWER SECTION:
acme-v02.api.letsencrypt.org. 6525 IN CNAME prod.api.letsencrypt.org.
prod.api.letsencrypt.org. 3600 IN CNAME ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com.
ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com. 3600 IN A 172.65.32.248
;; Query time: 85 msec
;; SERVER: 172.20.2.2#53(172.20.2.2)
;; WHEN: Sat Dec 10 14:36:00 EST 2022
;; MSG SIZE rcvd: 155
angmar:~ jhm$ traceroute acme-v02.api.letsencrypt.org
traceroute to ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com (172.65.32.248), 64 hops max, 52 byte packets
1 cerberus (172.20.2.1) 1.034 ms 0.333 ms 0.295 ms
2 173-12-83-238-miami.hfc.comcastbusiness.net (173.12.83.238) 1.995 ms 2.145 ms 2.188 ms
3 96.120.36.193 (96.120.36.193) 9.077 ms 10.686 ms 9.468 ms
4 68.85.82.241 (68.85.82.241) 9.552 ms 10.631 ms 11.380 ms
5 96.108.22.89 (96.108.22.89) 9.128 ms 12.929 ms 9.950 ms
6 ae-13-ar02.stuart.fl.pompano.comcast.net (96.108.23.117) 11.292 ms 13.026 ms 10.510 ms
7 68.85.127.53 (68.85.127.53) 10.854 ms 10.907 ms 13.816 ms
8 be-40-ar01.northdade.fl.pompano.comcast.net (68.86.165.161) 14.111 ms 33.058 ms 15.058 ms
9 96.110.5.141 (96.110.5.141) 15.678 ms 15.169 ms 14.996 ms
10 be-33811-cs01.miami.fl.ibone.comcast.net (96.110.45.65) 15.928 ms 15.799 ms
be-33841-cs04.miami.fl.ibone.comcast.net (96.110.45.77) 15.486 ms
11 be-3412-pe12.nota.fl.ibone.comcast.net (96.110.33.174) 16.101 ms
be-3311-pe11.nota.fl.ibone.comcast.net (96.110.33.154) 16.008 ms
be-3411-pe11.nota.fl.ibone.comcast.net (96.110.33.158) 15.025 ms
12 50.208.234.222 (50.208.234.222) 17.384 ms 17.360 ms
50.208.235.254 (50.208.235.254) 57.514 ms
13 108.162.211.12 (108.162.211.12) 32.616 ms
172.70.52.2 (172.70.52.2) 15.509 ms
172.70.52.4 (172.70.52.4) 19.552 ms
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
31 * * *
32 * * *
33 * * *
34 * * *
35 * * *
36 * * *
37 * * *
38 * * *
39 * * *
40 * * *
41 * * *
42 * * *
43 * * *
44 * * *
45 * * *
46 * * *
47 * * *
48 * * *
49 * * *
50 * * *
51 * * *
52 * * *
53 * * *
54 * * *
55 * * *
56 * * *
57 * * *
58 * * *
59 * * *
60 * * *
61 * * *
62 * * *
63 * * *
64 * * *
angmar:~ jhm$
My ISP is Comcast Business and the traceroute seems to go off into never-never land after leaving Comcast's internal network.
Has anyone had similar problems and, if so, how was it resolved?
Thanks in advance for any assistance!