NOOB here, errors on certbot renew with wordpress

lucaszhn · March 28, 2024, 3:36am

My domain is:lucaszhn.cn

I ran this command:certbot renew --dry-run

It produced this output:
Certbot failed to authenticate some domains (authenticator: apache)
Timeout during connect (likely firewall problem)

but i stoped firewall

My web server is (include version):

The operating system my web server runs on is (include version):

Apache/2.4.51 (Debian)
Fedora Linux 39 (Server Edition)

My hosting provider, if applicable, is: Aliyun(China)

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 2.1.0

MikeMcQ · March 28, 2024, 3:52am

Welcome @lucaszhn

I don't see a timeout right now but I do see an HTTP error 500 (Internal Server Error).

Sometimes timeouts will occur. Did the timeouts occur repeatedly?

Right now the error 500 is a bigger concern. It points to a serious problem on your server. The Let's Debug test site is very helpful for general testing. In this case it says the overall result was OK but it is not. The OK just means the test site could reach your server. But, the 500 response is a problem. From my own test server I see the error page returned says

<body id="error-page">
<div class="wp-die-message">
<h1>Error establishing a database connection</h1></div></body>

lucaszhn · March 28, 2024, 6:37am

Sorry, I messed up my docker network during the tests, please try again and I must express my gratitude for swift support.

MikeMcQ · March 28, 2024, 8:36am

Does that command still time out? Because I just reran the let's debug website test and it did not time out. It uses the let's encrypt staging system for a test just like the dry run does

lucaszhn · March 28, 2024, 8:47am

Hi MikeMcQ

It is still timeout for me.

lucaszhn · March 28, 2024, 9:59am

Hi MikeMcQ

FYI, I also intalled apache in my base system too, and when I stop wordpress docker(I installed certbot in there) and run certbot in base system with default apache on, it also failed.

lucaszhn · March 28, 2024, 10:04am

Hello Nisha Marshall

I stop my firewall when i ran the command, and security rules on my server service provider are also permit 80/TCP out. So I am wondering, if the first request was succed, then why my following tests are failed?

Thank you for your support

MikeMcQ · March 28, 2024, 2:31pm

Please always show the error message instead of just saying "it failed". Often small differences in the error make a big difference on how to correct.

lucaszhn · March 29, 2024, 1:44am

Thank you for pointing out. Today, the command was successed.

root@lucas-cloud:/var/www/html# certbot renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/lucaszhn.cn.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Simulating renewal of an existing certificate for lucaszhn.cn

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations, all simulated renewals succeeded: 
  /etc/letsencrypt/live/lucaszhn.cn/fullchain.pem (success)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

I could only blame to network unstable or GFW from Chinese gov.
Thank you for your support!