Problem certbot on win 11

I have a problem with certbot on windows 11 pro.
No problems at first, but now he cannot renew the certificates or create new ones.
The message indicating that is timed out by a firewall.
However, this is not the case because the settings on my PC have not been changed and as I said it just worked before.
On the internet and forums I can't really find a workable solution.
Most talk about Linux however I'm on windows.
What could be the problem?

My domain is:

I ran this command:
certbot certonly --webroot,
It produced this output:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Type: connection
Detail: Fetching Timeout during connect (likely firewall problem)

Type: connection
Detail: Fetching Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Some challenges have failed.
Ask for help or search for solutions at See the logfile C:\Certbot\log\letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version):
The operating system my web server runs on is (include version):
Windows 11 pro
I can login to a root shell on my machine (yes):
The version of my client is certbot 1.24.0

Hi @mbrv4ever, and welcome to the LE community forum :slight_smile:

Is there a firewall problem?
Is your ISP blocking port 80?
Is that the correct IP for your site?


No, my ISP is not blocking port 80.
As I said, it worked until now.
And, yes, this is the IP for my server indeed.

I also can't reach your site.
I get:

curl -Ii
curl: (56) Recv failure: Connection reset by peer

Thanks, I find the problem.
My IPS blocks the 80 port from outside.
So I have two options, make an 80/8080 port forward or I must make my modem in bridge mode, Thanks for the help!

1 Like

I don't think that's an option that can workaround your ISP blocking port 80.
You'd have to hear the port 80 request to redirect it.
But they can block it before it ever reaches you - as they are doing right now.

In any case, let us know how you get around the problem.
Cheers from Miami :beers:


Thanks I will Cheers from Breda, the Netherlanders.


If your ISP is now blocking port 80 you should also confirm they are not blocking port 443 (https) as well, currently your site is not accessible on any port.

If they are not blocking port 443 and your site just isn't running just now you could consider using DNS validation instead of http validation to get your certificate.


Hi thanks, how do i get DNS validation true the certbot app?

1 Like

I don't know actually, usually it involves either finding a certbot plugin for your particular DNS provider (which may or may not exist), using acme-dns or using your own DNS scripting.

There are alternative Windows tools like (which I develop) but you should be able to do it using certbot, especially since you're trying to get a cert to use with Apache (instead of IIS for example).

Really the easiest thing to do is not host your website at home and instead use a cloud hosted VM (AWS Lightsail etc), that way all the networking is designed for website hosting etc.


Hi and thanks for your comment and information.
The thing is, I have a home server to create and especially test things. And a hosting service server.
Because creating and then always uploading to the remote server takes a long time and costs bandwidth.
I live in the Netherlands and the Hosting service here costs quite a bit.
But the stupid thing is that a few weeks ago, everything just worked.
Internally, the ports checked the firewall and everything.
Also checked the modem proportionally, nothing wrong either.
My ISP service also saw no problems.
Now I am going to hard reset the modem and see if this helps.
It's possible that the modem is malfunctioning.
But thanks for the replies and help!


Cool, for info an AWS Lightsail (linux) VM costs $3.50 USD per month (Windows is $8) - I find it quite convenient for small (or temporary) test servers.

Hope the reset works!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.