Problem binding to port 443 while updating certs


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: admin.rstunlimited.us/

I ran this command: letsencrypt-auto renew

It produced this output: Problem binding to port 443: Could not bind to IPv4 or IPv6

My web server is (include version): Sentora

The operating system my web server runs on is (include version): Ubuntu 14.04.5 LTS

My hosting provider, if applicable, is: DreamHost Cloud

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No


Has something changed how letsencrypt processes cert updates in the last couple of months? I have four domains using SSL. Three were renewed fine a couple of months ago, but when I ran the renew command today the "Problem binding to port 443: Could not bind to IPv4 or IPv6
" error message appeared for admin.rstunlimited.us/.


#2

Hi,

Can you share us the full log ?

(The one mentioning authenticator etc…)

P.S. you might want to upgrade to certbot-auto (since letsn encrtpt auto was a few years ago)

Thank you


#3

letsencrypt-auto and certbot-auto both run the same script which autoupdates the software release. Thus if you run letsencrypt-auto --version and certbot-auto --version, you should see the same software version!

However, using the name letsencrypt-auto is often a sign of following old documentation and might mean that it would be a good idea to consult newer documentation.

I agree with @stevenzhu that it would be useful to see the log (at the very least, the full output from running the command).

My guess is that the

comes from a certificate that was obtained using --standalone. Perhaps when the certificate was obtained, there was no web server running on port 443 (and so --standalone could bind it), but now there is one. Normally --standalone is meant for use when you don’t have an existing web server at all, or when you have a web server that you can shut down temporarily during issuance and renewal.


#4

Right, since I had created the SSL using --standalone I removed it and created a new cert. Seems to be working now.

Thanks for the input!!


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.